Red Team Assessment is a type of assessment aimed at simulating the types of attacks carried out by malicious users and criminals when targeting an organization. The term originated within the military to describe a team whose purpose is to penetrate security of "friendly" installations, and thus test their security measures. As it is the case in real life attacks, the attacker has little or no information about its target to begin with and will do whatever possible in order to achieve his/her goals. Traditional security assessments focus on the technical aspects of security trying to identify the existence or lack of technical vulnerabilities in systems, applications and infrastructure. However, when trying to achieve their malicious mission, most criminals will usually choose the path of least resistance often based on exploiting much simpler weaknesses in the organizations beyond those that exist at a technical level. Most organizations focus their attention on the technical aspects of their security posture through the use of firewalls, intrusion detection and prevention systems, antivirus, endpoint security solutions etc. Unfortunately every security technology requires humans to operate it and physical security to protect access to it, aspects which are far too often neglected by an organization and therefore exploited by criminals.

In a Red Team Assessment only two things are established by Silensec during the engagement with the contracting Organization:

    • Crown Jewels – These are the targets for which the Organization wants to assess the risks associated to real criminals being able to get access to. Examples may include core banking systems, specific files, software source code;

    • Rules of the engagement – These specify how Silensec will be allowed to demonstrate the successful execution of an attack and the exclusion of any specific attack vector.

      • With regards to way a successful attack execution may be demonstrated, examples include leaving cardboard signs saying "Criminal Was Here!" in critical sensitive areas, leaving hand-lettered notes saying “Money has been stolen" inside safes, creating dummy administrator accounts on critical systems etc.;

      • With regards to the exclusion of specific attack vectors examples include setting a limit on the damage inflicted on the organization as part of the assessment (e.g. it may be permissible to break a door lock or a glass window but it may not be permitted to cut an electric fence. In order for the Red Team Assessment to be as realistic and possible and provide true value to the organization, the rules of engagement are meant to be proportionate to the value of the Crown Jewels. The higher the value of the Crown Jewels the more motivated the criminal can be expected to be.

A Red Team Assessment requires Silensec to simulate real criminal activities, depending on the rules of the engagement, such as trespassing physical security controls (e.g. fences or locked doors and windows), disabling CCTV cameras etc. As such Silensec requires the Organization to sign a Letter of Authorization, authorizing Silensec to perform such actions which would be otherwise punishable by law and resulting in criminal conviction of Silensec consultants.

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.