Companies like Phronesis Are Needed For Building Offensive Cyber Security Front

Cyber Warfare Asia
Sep 7, 2018


The expansion of Fifth Generation Warfare in cyberspace is one of the major concerns that states are struggling to deal with. Going by the phases of Fifth Generation Cyber Warfare, countries today stand amid continuous cyber-attacks from offensive cyber players like China, which have no doubt stepped up their offensive cyber security front, whereas other countries, like the UAE and other Middle East countries, are falling victim to their cyber breach adventures and are still trying to catch up.

Recent developments, however, indicate that private players like the Dubai-Indian company “Phronesis” are supporting leaps in building offensive cyber security fronts where they are needed. The most recent of its achievements has been the successful malware attack on Chinese nationals in December 2015. An APT report named “Monsoon” has been published by Forcepoint Security Labs as part of their investigative study; analysing its elements reveals a direct connection showing how Phronesis led the strategic attack.

Why Phronesis OffSec Wing Is Making A Mark

Unlike other offensive cyber security companies, Phronesis Corporate Intelligence Services is a cyber-intelligence firm established by security experts, Retd. Brigadier Prabhakar Bryan Miranda and Ram Chander Chhillar.

Over time, Phronesis has developed into a multidimensional cyber consultancy firm with unbeatable expertise in the ‘OffSec Playground’. With Cyph3r at the centre of its offensive cyber capabilities, it has successfully established innovative cyber security capabilities that are sharpening offensive security fronts.

Today, Phronesis Corporate Intelligence Services is one of the most favoured OffSec firms for the execution of strategic Offensive Cyber Security Missions. The recent Offensive Cyber Mission on China by Phronesis, identified in the Monsoon APT report, confirms the same.

Monsoon APT Testifies How Phronesis Outwitted China into a Cyber Spasm

Monsoon APT

Monsoon is the name given to an APT report investigated and published by Forcepoint Security Labs. The report established that a cyber-campaign was launched in December 2015 by an Indian Sub-continent based entity that targeted Chinese nationals within different industries and government agencies in Southern Asia. Since the attack was based on nationality, it is evident that it was a state-sponsored cyber-attack. The investigation identified 170 malicious documents and 4 distinct malware families that were used for the cyber-attack.

Modus Operandi

As per the information established in the Monsoon APT report, it is clear that various domains were purchased and used by the attacker, identified to be from the Indian Sub-continent, to spread the malware used in the attack.

Evidence indicating how Phronesis led the Malware Mission

Various pieces of evidence spread across the Monsoon APT report make it pretty evident that Phronesis is the entity behind the malware attack.

If we analyse the purchasing process and symmetry of these domains, we reach the conclusion that Phronesis is the actual entity that executed the attack, the apparent motive of which is state-sponsored offensive cyber tactics to extract required data.

1. An analytical study shows that the major domains used in the attack were Revoltmax.com and Homesevak.com. The email ID used for Rname: munna.bhai124@gmail.com

2. Homesevak.com is one of the domains which is owned by Phronesis.

3. Both Revoltmax.com and Homesevak.com were purchased using the same email ID, munna.bhai124@gmail.com.

4. On visiting the Homesevak.com website, it was found that Phronesis was listed as a client of the company, and the email ID stated on it for contact was bm@phronesisindia.com, which is also associated with cyph3rsec.info, a security training company run by Phronesis.

5. Another piece of evidence in this context is the IP address 13.127.161.220. This IP was used for hosting various domains, which included homesevak.com, www.homesevak.com, phronesisindia.com and cyph3rsec.com. This develops a clear connection showing how all these domains are interconnected, since they were hosted on the same IP address and with the same time stamp. All the hosted domains are sub-entities under Phronesis.

6. cyph3rsec.com, as stated earlier, is a security training company that is owned and directed by the founders of Phronesis, Retd. Brigadier Prabhakar Bryan Miranda and Ram Chander Chhillar.
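The correlation steps listed above (a shared registration email, then several domains hosted on one IP at the same time) can be written as a small link analysis. This is an added example, not code from the original article or from the Monsoon report; every domain, email address, IP and date in it is a constructed placeholder.

```python
from datetime import date
from itertools import combinations

# Constructed sample records (placeholders, not data from the Monsoon report).
WHOIS = {
    "lure-one.example": "registrant-a@mail.example",
    "front-site.example": "registrant-a@mail.example",
    "corp-site.example": "admin@corp-site.example",
    "unrelated.example": "someone@else.example",
}
# Passive-DNS style rows: (domain, ip, first_seen, last_seen)
PDNS = [
    ("front-site.example", "203.0.113.20", date(2018, 1, 1), date(2018, 6, 30)),
    ("corp-site.example", "203.0.113.20", date(2018, 3, 1), date(2018, 8, 31)),
    ("unrelated.example", "203.0.113.20", date(2016, 1, 1), date(2016, 12, 31)),
]

def registrant_links(whois):
    """Pairs of domains registered with the same email address."""
    by_email = {}
    for domain, email in whois.items():
        by_email.setdefault(email.lower(), []).append(domain)
    return {frozenset(p) for doms in by_email.values()
            for p in combinations(sorted(doms), 2)}

def cohosting_links(pdns):
    """Pairs of domains seen on the same IP during overlapping date ranges."""
    links = set()
    for (d1, ip1, s1, e1), (d2, ip2, s2, e2) in combinations(pdns, 2):
        if d1 != d2 and ip1 == ip2 and s1 <= e2 and s2 <= e1:
            links.add(frozenset((d1, d2)))
    return links

def cluster(seed, links):
    """Domains reachable from seed by following pairwise links."""
    seen, todo = {seed}, [seed]
    while todo:
        cur = todo.pop()
        for pair in links:
            if cur in pair:
                for other in pair - seen:
                    seen.add(other)
                    todo.append(other)
    return seen

if __name__ == "__main__":
    links = registrant_links(WHOIS) | cohosting_links(PDNS)
    print(sorted(cluster("lure-one.example", links)))
```

The domain that used the same IP in a different period stays out of the cluster, which is why the time-overlap test matters: on multi-tenant hosting an IP match alone also links unrelated sites.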

The governing connection throughout makes it evident that Phronesis has been instrumental in leading the malware attack on Chinese nationals, apparently led by the state to meet offensive cyber security objectives.

Phronesis Has The Potential Of Leading Off Cyber Security Front

The above analytical study and its connection with Phronesis Corporate Intelligence Services, led by security experts Retd. Brigadier Prabhakar Bryan Miranda and Ram Chander Chhillar, make it evident that Phronesis is one of the leading companies that is building, and has the potential to build, a strong ‘OffSec Front’.

Companies like Phronesis must be further supported and groomed to meet future national security objectives, including strategic security objectives for which military capability falls short as of today. The combination of innovative, strategic and technical expertise is exactly what is needed to address the rising offensive security challenges in the changing fifth generation cyber warfare environment, addressing the offsec asymmetry.


Cyber Warfare Asia

Providing news related to state sponsored cyber warfare in Asia