Red Team Rising: New Era Tactics

It’s a race to the next innovation in security and hacking, and in a remote-working world, the path is more dubious than ever before.

Red Team Assessments, or real-world cyber attack simulations, are designed to imagine the worst case scenario to put an organization’s defenses to the test against present-day malicious methods. But with an expanded attack surface amid the COVID-19 pandemic, experts believe that in order to address potential vulnerabilities in millions of home offices across the country, the increasingly popular Red Team Assessment needs an update.

These concerns are only amplified by weak links in the hasty transition to remote work environments that occurred this year, which included everything from incorrectly configured work laptops to overloaded company VPNs. Where a Red Team Assessment draws on real tactics to identify a system’s pressure points, a Red Team Assessment for the COVID era needs to take both companywide and home cybersecurity practices into consideration.

Luckily, experts are working to address the challenges besetting the remote workforce—such as our focus on VPN security and our new Remote Worker Risk Assessment. This is how we usher comprehensive assessment and Red Teaming into a new era.

In The Red

Technically speaking, your existing cybersecurity precautions shouldn’t change dramatically during COVID-19. Experts advise that to stay secure, it’s important to take the same fundamental steps that you would in a pandemic-free world. However, key adaptations are needed to preserve your organization’s social distancing and public safety protocols while still auditing your environment in an exhaustive manner.

For instance, if a Red Team Assessment involves Certified Ethical Hackers attacking your organization to simulate a real attack, an updated virtual scenario can involve tabletop exercises to discuss the simulated emergency and test your present response capability. These exercises, like the classic Red Team Assessment, are easy to conduct via teleconference and can reliably evaluate your remote work environment’s defenses.

To prepare for a companywide Red Team Assessment, organizations can also work with their providers to produce a threat modeling report. According to Thomas Richards, red team practice leader at Synopsys, the report “looks at the [security] systems, how they are deployed, what the organization is planning to deploy, and asks a bunch of questions about the design and setup to see how [it] could be abused, or where any misconfigurations could live.”

When it comes to the Red Team Assessment itself, experts suggest paying special attention to your organization’s help desk. Operators should be suspicious of anyone contacting them, particularly individuals who claim they can’t get access to the system and need help bypassing the authentication process.

Last but not least, addressing corporate endpoints is crucial in the remote world. Keeping your eye on employee credentials and suspicious correspondence will ensure your organization isn’t compromised from within.

Solution Selection

The right Red Team Assessment is critical to ensure the safety of your organization—but how do you choose a top-of-the-line provider? You can start by asking the right questions and selecting a provider with qualified Certified Ethical Hackers and proven success in the highly specialized field of red teaming.

That’s where BAI Security’s rigorous Red Team Assessment comes in. Using multiple attack vectors, we mirror the reconnaissance, planning, and wide range of skilled assault methods used by today’s motivated hackers and state sponsored actors, answering the question, “What is the real-world effectiveness of my existing security controls against an active, skilled human attacker?”

Get the answers you need for your organization’s security, and contact us today.

Posted in BAI Security Blog, Cyber Security Audits, IT Assessment Tools and tagged , , , , .