SITUATION
FTI Cybersecurity was engaged by a US-based genetic research company to examine the outbound network characteristics of its DNA sequencing equipment and ensure compliance with Federal Trade Commission (FTC) requirements. The company needed to determine if the models of its sequencing equipment sold in the US connected to Internet addresses outside the US.
OUR ROLE
FTI Cybersecurity experts conducted an analysis that included network monitoring, software code review, operating system vulnerability assessments, and hardware schematics review. Our team conducted around-the-clock network monitoring of traffic produced by the company’s gene sequencer under varying conditions, including with the Internet connected and disconnected, and when the sequencer was active and at rest. FTI Cybersecurity created a temporary, private internal network to conduct vulnerability assessments against each operating system in use (including multiple Windows and Linux installations) and reviewed code involved in data transmission for potential leaks.
OUR IMPACT
During the initial network testing, FTI Cybersecurity determined that the sequencing equipment made connections to several overseas Internet Protocol (IP) addresses. While most connections were associated with routine updates, the sequencer made multiple, repeating connections to one foreign IP address associated with the company’s headquarters. Working with the client and conducting a simultaneous source code review, FTI Cybersecurity determined that the initially tested software included an e-commerce package intended for customers in Asia. Additional network testing of the software approved for US customers verified that the approved US version did not make connections to the company’s foreign headquarters. FTI Cybersecurity produced an independent report verifying the expected and stated behavior of the network traffic and security posture of the client’s equipment.