Rogue Physical Intrusion

Through reconnaissance, infiltration, theft and exfiltration tactics, the Sekuro team will attempt to circumvent physical controls through several techniques and as an outcome, provide tangible evidence, risks and recommendations to improve physical defence and detection capabilities.

To understand the effectiveness of your physical security controls and whether they can be bypassed by a threat-actor seeking to gain unauthorised access. Sekuro emulates a rogue threat-actor following a safe but effective testing methodology:

• Planning and Preparation: The most important phase of a black team exercise is planning and ensuring that both parties are aligned on the objective, scope and Rules of Engagement. During this phase, the Sekuro team will meet with your organisation’s stakeholders to understand the objective of the test.
• Intelligence Gathering: Using Open-Source Intelligence (OSINT) techniques, we passively search for information about the target objective to identify potential entry points and weaknesses that could be leveraged during testing. This also aids in building a pretext if challenged by staff, to facilitate testing staff security awareness from a social engineering perspective. The primary purpose of this phase is the collection of data and development of sub-objectives for Sekuro to further assess within the next phase.
• Onsite Reconnaissance: Once enough data has been collected, the Sekuro team enter the active reconnaissance phase of the test. Typically, this will involve observing the physical perimeter and recording observations to identify entry points and security controls.
• Planning and Pretexting: Once all online, passive and active recon has been completed, the Sekuro team plan and map out a series of attack-paths and scenarios for testing.
• Execution and Infiltration: During this phase is where Sekuro actively attempt to infiltrate the premises by bypassing or circumventing security controls to meet the objective of the assessment. In the first instance, your lead consultant will inform your stakeholders on when this activity is occurring and ensure communication is always available
• Evidence Gathering and Reporting: During testing, evidence is collected to confirm completion of a specific objective. This generally entails photographic evidence of a sticker, access to a specific area/room and/or exfiltration of an asset. During all testing and recon, Sekuro will record timestamps of activity, details of how a security control was bypassed, observations and recommendations on how to improve them.