Plan, Execute and Vanish: Everyday Red Teaming

by April 21, 2014 04/21/14
City Street

While “Red Team” often refers to a group of experts testing or infiltrating a physical or virtual perimeter of an opposing force, anyone can benefit by employing their same mindset in non-technical aspects. Think of everyday activities such as work or school. The goal is to enhance decision making.

Red Teaming can solve problems through an indirect and creative approach, using reasoning that isn’t immediately obvious. It also involves ideas that may not be obtainable solely through traditional step-by-step logic.

Using “Ridiculous Thinking,” a Red Teamer plays with the different sides of the problem, looking as if it were a hollow cube: you have the 6 external sides to check, however you can’t forget the 6 internal sides. The idea here is to go beyond the visible, the obvious and check also those extra things that no one bothered to look at before.

The application of this, coupled with other alternative analysis techniques provide a comprehensive set of potential adversarial attacks on a given concept, or in everyday parlance: it helps you decide whether something makes sense or not, whether something is right or not. It helps finding potential (or actual) problems with any given thing.

The Red Team Attack

Red Teams attack the classic three fronts: digital, physical and human. Exploit each front and its weaknesses separately and you might bring some insight, however exploit them as a whole to generate a more successful view of a real scenario where the adversaries win. Take this and apply it to everyday activities. When confronted with a problem, try to look at it as if the problem has an external and an internal side. What can you see from the outside? What’s the view from the inside? Where do the two fronts meet? Or where don’t they?

Once you have all of the facts and you’ve collected enough intel, you can then either attack the problem, or if something isn’t right, make a decision based on better information.

The same can be applied to your own plans. If you make it a habit to red-team your own thoughts and plans, you’ll be surprised with what you find. More often than not you’ll find ways around a solution you previously thought was the best and air-tight. It becomes relatively easy to look at things with a Red Team Mindset after doing it for a while. Once it’s second-nature, it’s almost impossible to shut off.

Red Teams play with situational awareness or lack thereof. Like an adversary, they identify patterns that lead to the breaking of the target. A good Red Team often exposes alternative ways to test policies and plans by using misdirection: using a noisy attack and let the target follow it, while having a secondary, stealthy attack that is the one which exploits the vulnerabilities found.

This often disrupts the way organizations react and more holes are found. Think about this when you’re faced with a decision: what’s the underlying reason for what’s in front of you? Is there something else you’re missing?

A Dynamic and Proactive Approach

Ultimately, you want to have a general posture of being proactive, being aware and thinking one or two steps ahead. It’s a good idea to be prepared and establish problem detection measures as well as deception traps. Make a future attack harder. The more you think this way, the easier it is for you to start seeing the signs and markers of problems coming your way. The more you analyze and assess your own plans and strategies, the easier it will be for you to spot weaknesses in the plan or future problems emerging from things that seemed trivial during the planning phase.

A proactive mindset will push you to seek better solutions for you and your friends and family. Your adversarial thinking provides the early problem detection that will not only help you make better decisions, but help those around you have a better understanding of what they face.

Apply the Red Team Mindset as:

  • Plan: Get your facts right, analyze the potential problems and make a plan.
  • Execute: Once you get the plan ready, go for it. Stop occasionally to see if you missed anything on the initial assessment, but just execute.
  • Vanish: Complete your plan and when you’re done, move on. Focus on the next thing.

I hope this helps in understanding the Red Team Mindset. Like with everything, you need to practice and practice. Some people are born with the proper mindset; others need to learn it.

Oh, and don’t forget Rule 1: Always have an escape plan.

Editor-in-Chief’s Note: U. Fridman is a senior information security consultant that specializes in detection of information security threats and response to security incidents. His background includes extensive experience in red team activities and management, information warfare, counter cyber-terrorism, industrial espionage, forensics analysis and other security services.


Are you getting more than 14¢ of value per day from ITS Tactical?

Please consider joining our Crew Leader Membership and our growing community of supporters.

At ITS Tactical we’re working hard every day to provide different methods, ideas and knowledge that could one day save your life. Instead of simply asking for your support with donations, we’ve developed a membership to allow our readers to support what we do and allow us to give you back something in return.

For less than 14¢ a day you can help contribute directly to our content, and join our growing community of supporters who have directly influenced what we’ve been able to accomplish and where we’re headed.

Click here to learn about all the benefits and Join!


The Latest
Squawk Box

ITS Guy Fawkes Morale Patch - Inspired by our original ITS Guy Fawkes design and numerous requests, we’ve created a patch to “remember, remember, the fifth of November.” November the Fifth marks a day of celebrating in Britain by burning effigies of Guy Fawkes and remembering the Gunpowder Treason & Plot. The history surrounding the plot, which created a day of infamy, is an interesting one with many lessons learned. Click here to learn more about the history behind this patch.

20 minutes ago
Leave a Comment

Apollo 9 Command Module, “Gumdrop,” docked with “Spider,” the Lunar Module. March 7, 1969. via historicaltimes

41 minutes ago
Leave a Comment