Sometimes red teams (the bad guys) are hired to test the capabilities of blue teams (the good guys). Some examples of this would be how Quick Reaction Forces (QRF) are pushed into real-life scenarios to see how they’ll react, how Infosec/IT teams are tested under pressure and how Intel guys get a dose of deception.
One scenario we often play is the “rogue agent” or “underground criminal,” where part of the plan is to disrupt their listening capabilities.
In this situation, we communicate with someone inside the company or organization being tested and provide a way for their intel and QRF guys to test their skills. Of course we don’t make it easy for them.
This is the final article of the Inside Red Team Operations series, which is a walk through the Red Team process of planning, preparing and executing a security vulnerability assessment and penetration test; bad-guys style.
Part 1 examined the elements and techniques necessary for planning the operation while Part 2 showed how information gathered during recon is used to implement the plan. This article uses the previous elements to show how the plan comes together.
Staying safe and protecting your valuables when away from home should always be a priority. Like most people, you might think that your electronically locked hotel door is secure enough to keep out the unwanted. There’s no physical lock to pick and you need a key card to get in, that’s good, right?
Unfortunately, it’s not. There’s a tiny device out there that can open approximately one third of all hotel doors in seconds.
Editor-in-Chief’s note: This post was written by security expert U. Fridman and originally ran on his company blog, Red Teams.
A few years back, a customer asked us to test their newly installed (and very expensive) surveillance and security system. The product promised them an automated system that was so secure they wouldn’t have to place a security guard there.
After some recon we discovered that while the entrance was guarded by a very secure keypad + access card combination lock, the inside had an automated “unlock” sensor so if anyone wanted to come out, the door would unlock from the inside.
Using a high resolution night capable camera, we took photos of the door and lock. After careful review of the pictures we found out that the top and bottom of the doors were not sealed tight against the floor as we could see a tiny bit of light from there. A plan was set in motion.
Later when we arrived, we approached the door carefully and removed a piece of gear from our kit that would, hopefully, allow us to bypass the “very secure” lock: an old credit card.
We slid the old credit card under the door and… nothing.
After a few seconds we agreed that the sensor wasn’t picking up the movement, maybe because we were too close to the door and sensors usually “look” a bit farther out.
We retrieved another credit card and we tied it up to a piece of metal string (essentially several springs from a pen’s click mechanism tied together). We pushed the card under the door again, then carefully we pushed it farther with the metal string. And farther, and farther and… voila! The motion sensor detected movement “from the inside” and unlocked the door.
We were in.
Big, expensive, digital lock defeated by an old credit card and a spring.
Today we’ll be looking at the 2nd part of our Inside Red Team Operations series, which takes us through the process of planning, preparing and executing a security vulnerability assessment and penetration test; bad-guys style.
In Part 1, we looked at some of the elements and techniques for planning the operation and the recon. In this part, we’ll see how the information gathered during the 1st phase can be used to plan the operation.
In this three-part series we’re going to go through what it takes to perform a security vulnerability assessment that would ultimately end in the penetration of the target.
In part 1 we’ll talk about planning the operation, digital & physical recon and some of the kit we might need. In part 2, we’ll analyze the information gathered during the recon, plan and rehearse the operation and perform a dry run. This will test what we’ve learned and polish our plan. In part 3 we’ll execute the operation and plan for contingencies when things don’t go as planned.
Neal Stephenson’s cypherpunk novel Cryptonomicon contains a cryptosystem called Pontifex. This low-tech cryptographic algorithm uses a deck of playing cards to encrypt and decrypt messages.
Outside of the book, this algorithm is actually called Solitaire. It was designed by cryptographer and security expert Bruce Schneier at the request of Neal Stephenson. Solitaire allows secure communications without having to rely on computers or other tools that might indicate that covert channels are being used, or where access to a computer is not possible. It was designed to be secure even against the most well-funded adversaries with the biggest computers and the smartest cryptanalysts.
Solitaire gets its security from the inherent randomness of a shuffled deck of cards. Using this deck, keyed in a special way, two people can create a set of random letters that will be used to encrypt the messages. The process is somewhat slow, but it’s hard to spot that a deck of cards is being used to encrypt information.
In today’s society, our devices are constantly connecting to one another through multiple formats. These devices contain a multitude of different methods to ensure that we’re able to connect whenever and wherever we are.
Most smartphones contain connection abilities for X, EV and 3G/4G Cellular Networks, WiFi, Bluetooth and GPS. A simple device like a cell phone can have the ability to connect using all six of these different methods!
These public connections are great for sharing and receiving information on the go, but unfortunately this means our devices are open to even more threats than ever before. For example, your cell phone may be connecting to different devices and networks in public without your knowledge. It’s very important to understand how to secure your devices against unwanted intrusion in order to keep your information safe while in public.
The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
– Sun Tzu
Defined loosely, a Red Team is a group of experts engaged in the practice of viewing a problem from an adversary’s perspective. This adversary can be an enemy trying to infiltrate the perimeter, a competitor trying to get the latest marketing documents or a robber trying to break into a house.
The goal of most Red Teams is to enhance decision making, either by finding and pointing to the weak links in a security system or by simply acting as a devil’s advocate.
There’s a great personal security app for iPhone and BlackBerry called Silent Bodyguard I’d like to draw your attention to today.
Silent Bodyguard acts like a panic button that can be activated in two taps and immediately send a discreet SOS message and GPS Location every 60 seconds to whomever you’ve set as your emergency contacts.
I’ve been testing Silent Bodyguard on my iPhone now for the better part of three months, and am confident you’ll all work this into one of your go-to items in an emergency situation.