Red Team service is an attack simulation service that checks with all possible scenarios how prepared organizations are for any attack that may occur in real life. A well-designed Red Teaming methodology will expose risks in technology infrastructure, human factor and physical security. It is defined as the organization of pre-designed attack simulations in order to increase the architectural and configuration efficiency of the physical, operational and cyber security infrastructures of the organizations.
This term, developed by the US Department of Defense (DoD), has been used by public and private sector organizations that attach importance to critical infrastructure and security over time. Attack simulations organized by teams of independent security experts (RED Team) can cover the following topics;
- Data Hack
- Unauthorized Access
- Service Interruption
- Sabotage
- Espionage
The most important feature that distinguishes RED Teaming from infiltration tests is that it has no limit. It is an in-depth service where different attack
Red Team service is an attack simulation service that checks with all possible scenarios how prepared organizations are for any attack that may occur in real life. A well-designed Red Teaming methodology will expose risks in technology infrastructure, human factor and physical security. It is defined as the organization of pre-designed attack simulations in order to increase the architectural and configuration efficiency of the physical, operational and cyber security infrastructures of the organizations.
This term, developed by the US Department of Defense (DoD), has been used by public and private sector organizations that attach importance to critical infrastructure and security over time. Attack simulations organized by teams of independent security experts (RED Team) can cover the following topics;
- Data Hack
- Unauthorized Access
- Service Interruption
- Sabotage
- Espionage
The most important feature that distinguishes RED Teaming from infiltration tests is that it has no limit. It is an in-depth service where different attack
vectors are applied together. While detailed tests are carried out on all systems of the institutions, the business manners of the institution during the time spent in the locations are also under examination, and possible vulnerabilities are tried to be detected and exploited.
The number of experts also increases according to the size of RED Team projects. Team members with customer references selected from globally valid certified experts such as CEH, OSCP, OSWP have specialization in more than one subject. These specializations include but are not limited to;
- LAN Systems
- Wireless Network Systems
- IT Security Systems
- Systems That Meet the Internet and Manage Traffic (including Traffic Shaper, etc.)
- Industrial Control Systems
- Embedded systems
- Station Systems
- Physical Security Systems
- VoIP Systems
- Cloud Systems
- Automation Systems
- Systems Specific to Data Centers
- Monitoring and Analysis Systems
- Web and Mobile Applications
- Customized infrastructures such as SAP
- Targets for Social Engineering
- Wireless Connection Management Systems
The training and development of RED Team members is supported and motivated by UITSEC Technology. For this reason, various support activities
such as domestic and international trainings and certification incentives are carried out. Continuous research and development are among the primary objectives for stretching the boundaries of imagination and developing different scenarios in the unit, where continuous monitoring of current cyber threats is a necessity.
In the tests carried out by the RED Team, vulnerabilities in physical, operational and cyber systems are searched one by one. To give examples of these vulnerabilities;
- Physical Vulnerabilities
- Poorly secured personnel entry/exit doors and windows
- Areas with insufficient staff
- Accessible telephone and data lines
- Operational Vulnerabilities
- Shipping packages with insufficient control
- Employees without knowledge of social engineering
- Employees who do not care about the security of their ID cards
- Involuntary disclosure of confidential information
- Backdoor deployment by malicious software developer
- Attempts by a malicious employee to hack data of the system
- Cyber Vulnerabilities
- Misconfigured IT Security Systems (FW, WAF, SIEM, etc.)
- Copyable RFID cards
- Exposure to phishing and ransom attacks
- Systems with missing updates
- Improperly developed web applications
- Vulnerabilities of Sessionless web applications in data encapsulation algorithms (Ex: JWT)
- Possibilities of circumventing the IPS signatures of the newly emerging vulnerabilities
The basis of cyber attacks on the network also includes physical Red Team attacks at some point. Attack methodology starts over cable or wireless networks. According to the request of the institution, anonymous attacks are carried out on the wireless networks from within the institution or if no measures are taken to attack the wireless networks, anonymous attacks are carried out on the wireless networks in places close to the institution. In attacks on wired networks, it is tried to recover the security measures (isolation) in the network by connecting cables to the empty ports within the organization.
Many tools and technologies can be used during the application of the prepared simulations. Although not limited to the following, many tools and technologies can be used according to the needs during the execution of the tests.
The list of devices that can be used when communicating with infrastructures is shared below.
- Master key
- Software Defined Radio (SDR)
- RFID Reader/Writer
- Jammer
- Hidden camera
- Tape Recorders
- Wi-Fi Pentest ToolKit
- Bluetooth Test Dongle
According to the nature of the tests, there are many infrastructures used for cyber attacks. These infrastructures, tool or technology will be included in these studies.
Working Method / Methodology
The aim of Red Teaming is to obtain realistic risk and threat information against technology, human and physical assets.
- Technology: Networks, applications, routers, switches, tools, etc.
- Human: Employees, departments, business partners, etc.
- Physical : Offices, warehouses, substations, data centers, buildings, etc.
The UITSEC Red Team uses a comprehensive, risk-based approach to manually identify critical vulnerabilities found in all in-scope applications during physical and digital testing.
Within the scope of RED Teaming service, studies are carried out with the following operation. Red Team work basically takes place in 7 steps.
The structure that forms the basis of physical Red Team attacks is exploration. In order to collect as much information as possible about the institution where the attack will be carried out and to overcome physical security, it is tried to collect more data, then the necessary scenarios for infiltration are determined according to the vulnerability detected (lack of security procedure, incorrectly adjusted imaging system, ID control system insufficiency, etc.) and simulation is developed. Plans are made after the developed simulation and the implementation phase is initiated. The gaps on the system are determined by organizing the attack. If it is successful after the attack, it proceeds to the point requested by the institution. The whole process is reported and it is aimed that the organization will get maximum efficiency from the study.