Red Team

Red Team Engagement

Red Team Assessment (Red Teaming) is an activity where a group of white hat hackers (or penetration tester) perform a series of activities to assess the company’s security readiness towards real-world cyber threats. Red teaming aims to ‘attack’ an organization’s digital and physical infrastructure to evaluate the organization’s security defense and posture, at the same time targeting to obtain any sensitive and beneficial information.

Red Teaming usually emulates several malicious actors to penetrate the organization’s digital and physical infrastructure security. Typically, a group of penetration testers masquerading different identities relevant to the scenario seeks to challenge the organization’s staff security awareness. Methods commonly include, but not limited to:

Red Team EngagementSocial Engineer

Wireless HackingWireless Hacking

Eternal AccessExternal Access

LGMS Red Teaming

LGMS is an industry leader with a long-standing reputation in providing world-class professional services to clients from various industries, locally, regionally, and internationally. LGMS Red Team Engagement focuses on assessing a facility’s security, both digitally and physically.

LGMS Red Team Engagement Process:

1. Understanding the security

In the first stage of red team engagement, the team would take a field trip and observe the target and its location. The exercise aims to perform deceitful conversation with the employees or known as social engineering, to gather useful information about the target location, while observing the surrounding of the security infrastructure.

During the engagement, the testers usually carry different false identities (masquerading) roles such as customer, accountant, or police officer to perform the first stage of the red team.


2. Strategic planning

After gathering enough information about the target location, the red team will design a definite plan for the execution strategy. A checklist of actions will be provided to each member of the red team based on their roles to compromise every possible scenario. Every scenario from the list is taken into account, ultimately to cover every likely scenario or loophole in the target location.

Actual Footage

3. Red Team Execution

Finally, armed with a plan, the red team will attempt to infiltrate the target location. Different identities will also be utilized in this phase to achieve their needed, yet different goals. For example, several team members will pretend to be a customer to divert the attention of the staff or employee. Another team will attempt to perform the required infiltration, which includes but not limited to; installing malware into public kiosks or workstations, pasting unnecessary QR codes in false advertisements on the surroundings, etc.

Another team of experts will pretend to be individuals of importance, for example, an auditor or accountant, to gain access to highly sensitive or confidential areas such as safe rooms or filing rooms, to gather highly classified information of the target area. Dumpster diving around trash bins and also printer spaces will also be performed to obtain sensitive corporate data.

Everything is a Possible Target

“Not all companies are ready for a Red Team Engagement as the exercise targets your company’s technology, people, and physical assets.”

Red Teaming provides broad coverage of your company’s readiness to face hackers, be it through physical access or external access to your systems.

Red Teaming should only be performed by an ethical and professional organization with mature security experience, as a successful Red Team engagement would result in said organization gaining access to your company’s private information. This is done preferably by a company that has multiple penetration testing experiences and is widely recognized for its professionalism.

More About LGMS

Let’s understand how LGMS could help to secure your business.

Has MySejahtera helped curb Covid-19?
The original article “Has MySejahtera helped curb Covid-19?” was published by K. Kathirg...
活力加油站 (Living Delight) -网络安全成隐忧?
完整视频”网络安全成隐忧?”来自 活力加油站 新冠肺炎(COVID19)疫情期间, 居家办公已逐渐成为常态。然而,这趋势背后却隐藏着网路安全的隐忧。 大马电台 八度空间 (8TV) 活力加油站 采访了...
The original article was published by SHIVANI SUPRAMANI at The Sun Daily. Cost and functionality the main factors considered when buying device that is both a work tool and status symbol PETALING JAYA: It is inconceivable that anyone would go without a smartphone today. Statistics show that there are an estimated 30.41 million smartphone users in […]