Alexa metrics

Cybersecurity Month: What is Red Teaming?

29 October 2018 by Jenn Granger

This Cybersecurity Month, are you ready to put security under the microscope?

Before November hits, we wanted to delve a bit deeper into some of cybersecurity practices that our sister company Secarma uses as part of its cybersecurity repertoire. In a world where a cyber-attack is an ever-present threat, to what lengths are you willing to go to protect your business?

Let’s take a closer look at two classic cybersecurity techniques that could help save your company from attack.

Red teaming

Penetration testing

Secarma conduct penetration testing to infiltrate your systems, finding flaws in everything from web applications to infrastructure, and even IoT devices, to get into your systems.

The term has evolved from a way of finding a single route to the core of your business, into a methodical testing regime of your entire network or system, your applications and devices. A typical penetration test usually lasts 3-10 days, with some extending to 20 days or more. The term is often used to refer to an offensive style security test on a single target.

But cybersecurity specialists are willing and able to take penetration testing a step further.

 

Red teaming

In cybersecurity, a red team is a group of highly-trained security specialists and hackers, willing to go to extreme lengths to show that your business is insecure.

Basically, red teaming is a multi-layered simulated attack which attempts to find the fatal flaws in your business’ security, allowing organisations to address the cyber threats that are very real and could potentially bring you down.

Not only do they attempt to break into your computer systems (through penetration testing), looking for any weak links that ‘black hat’ hackers would look to exploit, they also test the security of your physical premises or if it is possible to manipulate staff through social engineering or phishing attacks.

But how?

Red teamers are goal-oriented, with the sole aim being to see how far they can get into your business – not just your IT systems.

A member of the red team (an Attacker or Aggressor) is brought in to test the effectiveness of a security programme, using techniques that are likely to be used by unethical hackers looking to penetrate your business.

Some examples of this might be:

  • An ‘Attacker’ might see if they can walk through your business’ front door
  • Get past your reception desk and use your lift
  • They might see if they can walk into your offices
  • Plug in a laptop
  • Insert a USB (which black hat hackers might fill with corrupted files intended to damage your systems)
  • Or even sit down in an important technical meeting

Yes, that’s right – all this has been done before. How far do you think a red teamer could penetrate your offices?

A red teaming duration can last from two to six months – not always continuous – and tends to be of a more dynamic nature, reacting to the particular company and the methods their blue team (their own IT or security team which is fighting back against them) use to deal with the red team’s attack.

It sounds intense – is it for me?

They say that a good offence is the best defence, and red teaming certainly doesn’t leave you on the back foot. Any SME can use red teaming as a proactive approach to security because the safety of your business should be number one on your priority list.

A red teaming session is only the beginning – after this, you must plug all the security gaps that the red team uncovered, making sure your company is watertight and you can sleep knowing your data and systems are fully secure.

Want to find out how safe your business really is? Speak to our cybersecurity experts to find out more.

Discover more