External Supplier Dialups

Popularity:

5

Simplicity:

8

Impact:

5

Risk Rating:

6

External supplier dialups are one of the most common ways to penetrate the internal network of a target company. A typical computer room might have EMC2 storage cabinets, an IBM rack with PSTN modems on top, and so on. Among those companies where standards such as ISO27001 and local privacy laws are fully respected, the modems are usually switched off by default and activated only with a specific request from the external supplier (social engineering could definitely be applied here; these devices are commonly owned by the supplier itself and placed at the customer's facilities). When dealing with SMEs, however, these procedures aren't always respected—if they even have specific policies at all.

An attack will begin with information-gathering sessions and then move on to brute-forcing the login request, using known default accounts, external supplier company names, and local subcontractors for the "big players." A large international consultancy will often subcontract the management of recently installed machines to a small, local company that acts as a "local partner." Attackers will find it much easier to obtain or to guess a small company's access credentials than those from the large consultancy.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment