MTS Innovation Center Launched a Range of Cybersecurity Services

The Future Crew Innovation Center, part of MTS PJSC (MOEX: MTSS), presented Security Analysis, a range of proactive cybersecurity services. The product is based on the CICADA8 expert services, uses an ecosystem approach and allows ensuring comprehensive IT infrastructure security of the organization.

Alexey Kuznetsov, CICADA8 CTO commented on the matter as follows: “The Security Analysis release is an important step for CICADA8. We are significantly expanding the range of our services and can now offer the customers comprehensive cybersecurity for their resources. Thanks to working with the large-scale MTS infrastructure, we are often challenged with non-standard tasks, after which any projects on a smaller-scale infrastructure are much easier for us.”

Security Analysis by Future Crew features twelve services to ensure business information security, which can be divided into four areas. 

Cyber attack simulation (Red Teaming) provides for evaluating the efficiency of the customer’s IS service subject to incident conditions that are as close to the real ones as possible. In particular, the employeesʼ ability to promptly detect and respond to attacks is put to test. To do this, CICADA8 experts simulate complex attacks at the level of APT groups, the purpose of which may be to obtain financial or other benefits, or cause harm to the customer or its clients. Also, increasing the IS service efficiency (Purple Teaming) is available within this service line. With constant interaction between attackers and defenders, defense mechanisms and measures are checked, blind spots are detected, while coordination of monitoring and protection services is worked out. This service provides for an evaluation of the actual cybersecurity level and improves the organizationʼs attack-detecting ability. 

The services in this area allow detecting possible vectors of attack on the IT infrastructure. During external penetration testing, CICADA8 experts detect vulnerabilities in the organization’s external systems – that is, in the services accessible from the Internet. Internal penetration testing finds vulnerabilities in a companyʼs internal infrastructure. Following both tests, experts demonstrate the operation of the most critical vulnerabilities and provide recommendations for eliminating them.

A comprehensive analysis of web app security using white-box (with access to code) or gray/black-box methods makes it possible to detect app vulnerabilities, the operation of which may lead to unauthorized access to components and critical information processed. Similarly, CICADA8 experts conduct a mobile app security analysis to detect the existing vulnerabilities in it and determine the possible consequences of their implementation.

Socio-technical testing checks the vigilance and cyber literacy of the company employees through resistance to social engineering methods. To simulate attacks on users, CICADA8 experts use phishing mailing lists and websites, distribute infected flash drives in the client’s office, call employees provoking them to give out confidential data and check the possibility of physical penetration into the customer’s territory.

A one-time vulnerability scan using automated tools detects vulnerabilities in network services and apps. After that, CICADA8 experts validate the detected vulnerabilities manually, determine the possible consequences of their operation and compile a list of recommendations for eliminating them. 

This area features the services for searching for traces of incidents and handling their consequences. Analysis of possible compromise allows detecting complex attacks in the early stages of their implementation and successful past penetrations of the customer’s infrastructure. In particular, we can identify malware or unwanted programs, as well as traces of unauthorized access to client resources. Should any signs of compromise be detected, our experts provide recommendations for further actions.

During the incident response, CICADA8 experts confirm the fact of the incident, help stop its development and neutralize the presence of the intruder. After that, the incident is investigated and the detected malware samples are analyzed. Following the investigation, the experts provide recommendations to improve protection and prevent similar incidents in the future. The experts also help in interacting with public authorities and regulators. 

The cyber resilience analysis helps determine to what extent the methods for handling IS risks selected by the customer correspond to its business needs, taking into account the current trends in untargeted attacks. This is a comprehensive service that includes penetration tests, analysis of attacks relevant to the customer’s area and the completeness of their coverage, as well as selective audits of IS processes.

Moreover, CICADA8 experts provide consulting support for a wide range of tasks: from assessing the compliance of an organization’s IT infrastructure with regulatory requirements and assessing IS risks to auditing according to ISO/IEC 27001 or using the methods of in-house development, construction and documentation of various IS processes and systems.

Elena Prudnikova, Director for Business Development and Sales at Future Crew, says: “The principal activity of Future Crew is innovative development with ensuring its cybersecurity being one of the company’s priorities. This unique expertise allows us solving not only classic information security problems, but also manage business risks of products without any analogues. Previously, we have already offered our clients hacking detection and incident investigation services. Now, we have substantially increased the range of our expert IS services having received a full-fledged portfolio of cybersecurity services.”