Loop Secure has recently launched their Red Teaming service for customers around the country, headed up by cybersecurity expert Wayne Ronaldson.
Red teaming is the process of viewing a cybersecurity vulnerability from an adversary’s perspective and using that mindset to penetrate security in a real-time test of security controls, policy, technology and infrastructure both physically and virtually.
The Loop Secure Red Team are responsible for attacking their client’s ecosystems with the ultimate goal of figuring out how a determined threat actor would break into an environment – whether that be through a breach of a web application, or a combination of multiple vectors including social engineering, phishing, a phone call and trying to gain access into a physical office.
“If you want to prevent an attack, you need to think like an attacker,” comments Wayne Ronaldson, Red Team Leader of Loop Secure, “you play the devil’s advocate within the organisation and shine a light on gaps that that business may not notice.”
Ronaldson recently completed a presentation at the 2019 RSA conference in San Francisco where he presented his findings and development of his own cyber-espionage weapon based off the Assassin and Vault 7 tools associated with Wikileaks publishing of over 8000 CIA Documents <link to cyberscoop>.
Different to penetration testing, the Loop Secure Red Team service designs a combined digital, physical and workforce attack using the same tradecraft and tools used by the adversary to mimic the threat to key business assets.
“At its core, penetration testing is trying to find as many vulnerabilities as you can within a specific timeframe. You have a target system produce or source code and try to find as many bugs as possible. Red teaming tests beyond those boundaries to offline and external vectors based off open-source intelligence and building a threat profile,” comments Ronaldson.
The Loop Secure Red Team spend time researching adversary tactics and build custom tools to stay ahead. A standard service includes designing threat profiles and designing a small series of attacks including low-level vulnerabilities and misconfigurations to exploit the entire domain without the business knowing when they were in there.
“Basic office environments give us a plethora of vulnerabilities to break into. I’ve known projects where we’ve been able to get in via Wi-Fi controlled printers, or basic swipe system office cards,” says Ronaldson.
As more companies start to realise the scope of cybersecurity and the limitations of their own internal teams, they are looking to cybersecurity consultancies like Loop Secure to help expand that cybersecurity posture and stay ahead of attackers.
“A full red team approach can help prepare for modern attackers – and, in comparison to modern cybersecurity attackers, the red team will tell you what they did after they did it.” concludes Ronaldson.
If you'd like to learn more from our Technical Experts Guide to Offensive Cybersecurity and Penetration Testing, download here: