All in Red Teams
A few years back we performed a routine follow-up after a full Red Team assessment. The assessment was stuck after 3 days. Our customer really took our report and suggestions to make their security tighter to the letter.
We were unable to find a way in via their public facing networks. On the physical side, the recon showed us that their guards and general security posture were also upgraded. During the 3 days phyical recon, we observed they put in place not only our suggestions but also hired an expert to make sure their security was tight. It was good to see this.
However, now we had a challenge and since we don't like to give an empty report to the customer...
Sometimes you spent weeks trying to figure out the best way to infiltrate your target, whether digitally or physically.
Sometimes all it takes is a trip to the back of the building.
A few months ago we were performing an initial recon on a new customer. He wanted us to check whether his security team did a good job in setting the perimeter. The finaly target was one of the server rooms inside the building, where their data center was located.
We arrived after hours and after laying low for a few hours, observing and collecting atmospherics, we decided to go around the perimeter to map it. In the past we've found vulnerable points of entries that were no visible from a single OP (observation post).
As we were coming to the back of the building, we noticed that the trash collecting trucks were leaving the building. The gates were open and there was no guards there, only a camera. We layed there observing for 40 minutes and nothing happened. After a brief exchange we went for it.
A few days ago a reader asked me if I could write a post about common uses of the Red Team Mindset. Think everyday activities, work, school and such. Think non-tecnical everyday Red Teaming.
Red Teams can solve problems through an indirect and creative approach, using reasoning that is not immediately obvious and involving ideas that may not be obtainable by using only traditional step-by-step logic.
Using “Ridiculous Thinking” a Red Teamer plays with the different sides of the problem, looking at it as if it was a hollow cube: you have the 6 external sides to check, however you can't forget the 6 internal sides. The idea here is to go beyond the visible, the obvious, and check also that extra thing that no one bothered to look at before.