A bank in South-America was tipped off regarding an active surveillance being conducted from their offices and IT environment.
As Incident Responders, we launched 2 teams in parallel – IT and RF specialists. The IT team acted as PT, trying to mimic a potential adversary and shed some light regarding vulnerable assets. This team uncovered active yet unknown privileged accounts on the company VoIP operator, as well as a potential penetration of the CCTV camera and DVR at the bank owner’s residence. The RF team scanned the offices for radiant devices that may be transmitting the recordings “back home”