All in Digital

Once in a while you have a project that you know will be a lot of fun. One of the biggest telecom providers dropped a project exactly like that a couple of years ago.

They wanted a full red team assessment, including external and internal digital assessments as well as a physical one. The scope: the entire company. This included the corporate HQ and its employees, the service stores across different cities, local offices, mall stores and the factory. This was a HUGE project. The time allotted? 6 months. Perfect.

Internal assessments

Red team assessments and digital penetration tests do not always involve trying to penetrate an organization's network or premises from the outside; sometimes you are tasked with checking what an insider, or an adversary who physically got in, can see from within your networks.

I've talked about this a bit in the hole in the wall and chasing the ghost in the machine but I just want to give you another example.

Sometimes the developers are the weakest link

Like the title says, sometimes the careless developers are the weakest link and the reason an organization's network gets compromised.

In this particular assessment the team spent close to a month trying to find a way in via the organization's main website, email server, database servers, routers and firewalls. We were hitting well-configured and security-hardened systems and we were getting close to the finish date for our project. I am sure that had we had more time we would have found an exploitable vulnerability.

On a rather interesting project, I spent an hour trying to convince the assistant of a CEO (the AA) I was targeting to open a PDF that contained important information that I needed the CEO to consider. It was important to me that she open it while I was on the phone because I needed to verify that I had a connection to their network via the code I embedded in the weaponized PDF.

She wouldn’t have it. She kept on saying that she would open it later when she was free. Not good. Eventually she got tired of me (I was using every trick in the book to convince her!) and she said: “Fine! I’ll open it.”

Hacking (I hate the *ethical hacking* name) techniques can be used for more than penetration testing and red team assessments. On one occasion, my team helped a law enforcement agency in the collection of information that led to the capture of a criminal.

The owner of a company contacted the authorities about a former employee who took with him very sensitive and valuable proprietary information. They had some proof of it and were hoping the authorities could help locate and acquire the proof he needed to take this person to court.

After a few months of not going anywhere the company contacted us to see whether we could help the law enforcement officials locate and track the former employee (I'll refer to him as Bob). We were given all the information, including some really nice open source intelligence collected by the good guys. Two pieces of information gave us a good lead: Bob's personal email and his social media information.

There has been a lot of talk about drones lately. There is no doubt that they are a valuable asset in the current war and they will most likely have a central role in upcoming wars.

But there is another kind of drone. The digital counterpart.

Digital drones are sophisticated little programs that hackers and security penetration testers have been using for years to recon their targets, to collect information, to download and upload malicious or utility code, to control the remote system or to attack it. They can also deliver a payload, execute it and self-destruct.

This is not new; we've been using these kinds of programs to attack/recon since the 90s. However, due to the increased support for more intelligent interfaces on operating systems, the drones too have gotten more intelligent and capable through the years.