Cyber Threat Advisory · 2026

ADVANCED ADVERSARIAL SIMULATION

IT+OT · APT Methodology · 360° Attack Surface

Elite offensive security for Indonesia's most critical institutions — financial infrastructure, industrial systems, and public services. We answer the question every CISO must confront.

28
DAYS
Avg. undetected dwell time in networks (M-Trends 2025)
$6M
USD
Avg. cost per data breach in financial sector (IBM 2025)
90%
IDENTITY ATTACKS
Orgs experienced phishing, session hijacking, or credential theft
355%
OT/ICS RISE
Attack increase on industrial control systems (2020–2025)
ACTIVE THREAT INTELLIGENCE · INDONESIA THREAT LANDSCAPE · 2026
01 — About BlackPyrus

WHO
WE ARE

BlackPyrus is an elite offensive security firm specializing in full-scope adversarial simulation for Indonesia's most critical institutions.

"If a sophisticated threat actor targeted your organization today — would you know?"
Pacific Century Place Lt.39, District 8, SCBD · Jl. Jend. Sudirman Kav 52-53, Jakarta Selatan
Mission
To expose critical vulnerabilities before real adversaries do — protecting institutions that underpin the Indonesian economy and public trust.
Vision
To be Indonesia's most trusted offensive security partner for financial institutions, industrial infrastructure, and public services.
Core Value
Adversarial Precision. Absolute Discretion. Measurable Impact.
02 — The Threat Landscape

WHY IT
MATTERS NOW

28
DAYS
Average dwell time for espionage actors in a network. You may already be compromised.
$6M
USD
IBM cost per data breach in the financial sector (2025). One incident. Six million.
90%
ORGS HIT
Experienced identity-related incidents: phishing, session hijacking, password theft.
355%
ICS ATTACKS
Rise in attacks on industrial control systems from 2020 to 2025.
Primary Attack Vectors in Indonesian Institutions
Phishing & Social Engineering
Targeting employees via email, voice, and physical pretexting campaigns.
Credential Theft
Password spraying, brute force, and credential stuffing from data leaks.
Supply Chain Compromise
Exploiting trusted vendors and third-party software integrations.
OT/ICS Intrusion
Attacking SCADA, PLC, and HMI systems via IT-OT convergence points.
Insider Threat
Malicious or negligent internal actors with privileged access.
03 — Red Team vs Penetration Testing

UNDERSTANDING
THE DIFFERENCE

Penetration Testing
Objective: Find as many vulnerabilities as possible
Scope: Defined, limited systems or applications
Duration: 1–2 weeks
Blue Team Aware?: Usually yes
Attack Vectors: Technical only
Output: List of CVEs and vulnerabilities
Regulator Value: Compliance checkbox

VS

★ Red Teaming — BlackPyrus
Objective: Simulate a real-world targeted attack to achieve specific business objectives
Scope: Full organization — people, process, and technology
Duration: 3–6 months (full campaign)
Blue Team Aware?: No — blind test for realistic response measurement
Attack Vectors: Technical + Social Engineering + Physical Access
Output: Attack narrative, business impact, kill chain, detection gaps
Regulator Value: Board-level risk intelligence and OJK-ready reporting
04 — APT Simulation Methodology

ADVANCED
PERSISTENT THREAT

BlackPyrus replicates the full lifecycle of nation-state and organized crime threat actors — not just technical exploits.

01
Reconnaissance
Passive & active OSINT, mapping employees, systems, vendors, digital footprint, and physical access points.
02
Weaponization
Custom payloads, phishing lures, and social engineering scripts built specifically for the target.
03
Initial Access
Delivery via spear-phishing, watering hole, physical device drop, or public-facing app exploitation.
04
Persistence
Backdoors, scheduled tasks, registry modification, maintaining access through credential rotations.
05
Privilege Escalation
Elevating from standard user to domain admin, root, or OT engineer via misconfigurations.
06
Lateral Movement
Pass-the-Hash, Kerberoasting, RDP pivoting, traversing the network toward the crown jewels.
07
Objective Achieved
Data exfiltration, operational system access, ransomware simulation, or demonstrating OT control.
Framework Alignment: MITRE ATT&CK, TIBER-EU, Cyber Kill Chain (Lockheed Martin), NIST CSF
05 — IT & OT Security Coverage

BEYOND IT — INTO
OPERATIONAL TECHNOLOGY

IT Environment
  • Web & API application security assessment
  • Core banking & fintech platform simulation
  • Active Directory & identity attack chains
  • Cloud infrastructure (AWS, Azure, GCP)
  • Email & collaboration platform phishing
  • Wireless & network segmentation testing
  • Social engineering & physical access test
OT / ICS / SCADA Environment
  • ICS/SCADA architecture risk assessment
  • PLC & HMI vulnerability identification
  • IT-OT convergence point attack simulation
  • Network segmentation & DMZ validation
  • Historian server & DCS security testing
  • IEC 62443 & BSSN framework alignment
  • Zero-disruption passive assessment method
All OT assessments use passive reconnaissance and non-intrusive techniques — zero operational disruption guaranteed.
07 — Our Services

FULL SPECTRUM
OFFENSIVE SECURITY

SVC-01 Flagship
Full-Scope Red Team Engagement
End-to-end adversarial simulation covering all attack vectors. Includes OSINT, initial access, persistence, lateral movement, and objective achievement. Delivered with executive and technical reporting.
SVC-02 Industrial
OT/ICS Security Assessment
Non-intrusive assessment of operational technology environments. Covers SCADA, PLC, DCS, and HMI systems against IEC 62443 and BSSN standards.
SVC-03 Human Layer
Social Engineering Campaign
Multi-vector human attack simulation: phishing, vishing, smishing, and physical pretexting. Includes employee awareness metrics and department-level vulnerability scoring.
SVC-04 Intelligence
Threat Intelligence & OSINT Report
Comprehensive intelligence profile of your organization's external exposure — dark web monitoring, credential leaks, attack surface mapping, and supply chain risk.
SVC-05 Purple Team
Assumed Breach Simulation
Simulate a scenario where an attacker already has initial foothold. Tests lateral movement, detection capability, and incident response team effectiveness.
SVC-06 Ongoing
Red Team Retainer & Advisory
Monthly retained engagement for continuous security validation, threat emulation, and board-level security advisory services.
06 — The PPT Framework

PEOPLE. PROCESS.
TECHNOLOGY.

A breach doesn't require a zero-day exploit. It only requires one weak link in your PPT chain.

People
The Human Attack Surface

Employees remain the most targeted entry point. BlackPyrus assesses your human layer through:

  • Spear-phishing campaigns with real-time click metrics
  • Vishing (voice phishing) targeting finance & IT staff
  • Physical pretexting and tailgating simulations
  • Executive impersonation scenarios (CEO fraud)
  • Security awareness gap analysis and reporting
Process
Security Workflow & Response Gaps

Flawed processes create invisible corridors for attackers. We test the effectiveness of your security workflows:

  • Incident detection & response time measurement
  • Change management and access control validation
  • Privileged access management (PAM) bypass testing
  • Third-party and vendor access process review
  • Security policy enforcement gap analysis
Technology
Infrastructure & Tool Effectiveness

Technology without proper configuration is a liability. We evaluate the real-world performance of your security stack:

  • EDR/XDR bypass and evasion testing
  • SIEM detection rule validation
  • Firewall and network segmentation assessment
  • Identity provider (SSO, MFA) attack simulation
  • OT/ICS technology-specific vulnerability assessment
08 — Portfolio & Experience

PROVEN
TRACK RECORD

Client identities are held strictly confidential. Portfolio references available under NDA upon request.
★ Banking & Financial
Regional Private Bank (BPD)
Full-Scope Red Team
Achieved domain admin in 11 days via spear-phishing and AD misconfiguration. Simulated core banking data exfiltration.
National Private Bank
APT Simulation + Social Engineering
Compromised 3 C-level accounts via CEO fraud simulation. Exposed critical SWIFT monitoring gap.
Fintech Lending Platform
Web + API Red Team
Identified IDOR vulnerability enabling mass account takeover. Escalated to full platform admin access.
◆ Government & Public Sector
Regional Government Agency
Full-Scope Red Team
Physical breach of server room achieved via tailgating. Extracted sensitive citizen database credentials.
State-Owned Enterprise (BUMN)
OT/ICS + IT Red Team
Demonstrated IT-OT pivot path from corporate network to SCADA HMI of operational facility.
Public Service Application
Web Application Red Team
Authentication bypass and privilege escalation affecting 2M+ registered users.
▲ Industrial / Consumer Goods
Large-Scale FMCG Manufacturer
OT Security Assessment
Identified direct network path from corporate IT to production PLC systems with zero segmentation.
Consumer Goods Distributor
Supply Chain Red Team
Compromised ERP system via trusted vendor access. Full visibility into pricing and customer data.
Food & Beverage Plant
ICS/SCADA Assessment
Demonstrated ability to alter production parameters via unsecured HMI with default credentials.
09 — Why BlackPyrus

OUR
DIFFERENTIATORS

01
IT + OT in One Engagement
Most security firms operate in silos — IT or OT, not both. BlackPyrus delivers integrated red team engagements that test the full convergence point, critical for modern industrial and financial institutions.
02
Real APT Tradecraft
We don't run automated scanner-based tests. Every engagement uses actual adversary techniques mapped to MITRE ATT&CK — the same methods used by nation-state and organized crime actors targeting Indonesia.
03
Board-Ready Reporting
We translate technical findings into business impact language. Every report includes an executive narrative, risk quantification, and regulatory compliance mapping (OJK, BSSN, ISO 27001).
04
Absolute Discretion
We never disclose client identities or engagement details. Our NDA framework and data handling protocols meet institutional-grade confidentiality requirements.
05
Indonesia-Focused Intelligence
Our threat intelligence is calibrated to the Indonesian threat landscape — local APT groups, regulatory requirements, and sector-specific attack patterns in banking, government, and industry.
06
Strategic Location
Headquartered at Pacific Century Place, SCBD — at the heart of Jakarta's financial district. Accessible for in-person briefings, war-room sessions, and executive debriefs.
11 — Engagement Process

HOW WE
WORK WITH YOU

1
Week 1
Discovery Call
30-minute confidential briefing to understand your threat context, regulatory requirements, and engagement objectives.
2
Week 1–2
Scoping & RoE
Define Rules of Engagement, scope boundaries, emergency contacts, and sign mutual NDA and authorization documents.
3
Week 3–4
Threat Modeling
Build a customized adversary profile based on your industry, geopolitical exposure, and known threat actors targeting your sector.
4
Week 4–10
Active Engagement
Full red team operation using APT tradecraft — reconnaissance through objective achievement — with minimal disruption.
5
Week 10–12
Debrief & Reporting
Executive briefing with C-suite and CISO, followed by detailed technical report with remediation roadmap and priority scoring.
10 — Business Scope

WHO WE
SERVE

๐Ÿฆ
Financial Institutions
  • Commercial & Regional Banks (BPD)
  • Insurance & Reinsurance
  • Securities & Investment Firms
  • Fintech & Digital Banking
  • Stock Exchange & Clearing Houses
๐Ÿญ
Industrial Infrastructure
  • Modern Manufacturing with SCADA
  • Food & Beverage Production Plants
  • Chemical & Pharmaceutical Industry
  • Energy & Utility Facilities
  • Consumer Goods Manufacturers
๐Ÿฅ
Healthcare
  • Modern Hospitals (Type A & B)
  • Healthcare Information Systems
  • Medical Device Networks
  • Patient Data Management
  • Telemedicine Platforms
๐Ÿ›๏ธ
Government & Public
  • Central & Regional Government
  • State-Owned Enterprises (BUMN)
  • Public Service Digital Platforms
  • Critical National Infrastructure
  • Law Enforcement & Intelligence
Compliance Support: OJK POJK 11/2022, BSSN Cybersecurity Framework, ISO/IEC 27001, IEC 62443, UU PDP Indonesia
SECURE

LET'S TALK
SECURITY.

The most dangerous vulnerability in your organization is the one you don't know exists.

Website
blackpyrus.com
Office
Pacific Century Place Lt.39, District 8, SCBD · Jl. Jend. Sudirman Kav. 52-53, Jakarta Selatan, Indonesia