In September, join us at Infosek 2022 for our Red Team Against Malicious Hackers – 1:0? talk, where we’ll show you how creative ideas can boost the effectiveness of security testing and hacking simulations.
What will Matjaž Kosem, Grega Prešeren and Andrej Gornik talk about?
Testing cyber resilience is increasingly being carried out through so-called Red Teaming exercises. Red Teaming is a form of cybersecurity test where the operators use the same methods, tools and approaches that cyber criminals exploit in their work. Such a test is conducted over a long period of time and requires specific skills and a high degree of creativity on the part of the performers. In this talk, we will use a real-life example from one of our projects to show how creativity led us inside the network. A malicious code installed on the customer’s system for more than ten years offered an opportunity to sneak into the network in an unusual way. A proper time bomb! Harmless by itself, but in the right hands (potentially), a disaster.
Join Carbonsec Red Team on Thursday, 8 September 2022, at 11:00 (Section 1).
What is Red Teaming?
Red Teaming is a form of cybersecurity testing in which a contractor – the Red Team – simulates a hacker attack and attempts to break into a client’s IT system. Unlike a penetration test, where the whole IT team is usually informed about the test, Red Teaming is only known to a handful of employees on the client’s side or even just one single person. The test is carried out over a long period of time, and the Red Team has to make sure that it reaches the target of the test covertly, i.e. that the Blue Team does not detect it (IT department or Security Operations Centre – SOC) on the client’s side. To reach the goal, the Red Team uses all the attack methods used by hackers: from social engineering, intrusion into the internal network and data mining. The results of Red Teaming are an excellent cue to improve the detection of security incidents in the organisation and, consequently, to strengthen its security posture.