All in Digital

One project I was involved in earlier on was the testing of the customer's digital quick reaction force (QRF). This group of security and IT professionals were supposed to be at the ready in cases where the organization's networks or systems were being compromised.

Usually the best way in would be a social engineering attack where we would send the target an email with a weaponized document or a link to a site with code that can exploit different vulnerabilities in their browsers. However, this time we also wanted to see how good their security hardening practices were, how their perimeter was set and whether they were monitoring the different network devices at all.

 

So, you managed to social engineer your way into the network. You have backdoors installed and full control of a system with admin level access.

Now what?

A big part of the red team exercises is to show the vulnerabilities in an organization, be it digital, physical or human. Adversarial exercises provide another view of security and help the decision makers have a better understanding of where they are having problems.

Thinking like an attacker is key here.


On one project I was brought in to try to find out how internal, proprietary and confidential information was being leaked out of the company. This was a case of corporate espionage.

The security people inside the company were completely clueless. They monitored the network and firewall to try to find where the leak was coming from. They tried for several months, and by the time I was hired they didn’t even know whether it was someone who had penetrated them from the internet or an internal job.