This is how a hacker can lure you into exposing your company to attacks

In a Red Team drill, an elite team of trained professionals from our Cyber Security Services unit engages in an all-out attempt to gain access to customer systems.

Author: Taija
Date: 22.03.2017
Read Time: 2 Minutes

red teaming, red team, red teaming test

 

Attackers capitalize on people’s carelessness and helpfulness to…

 

A man wearing a suit and carrying a briefcase enters the building, appearing to be extremely busy. He walks to reception and introduces himself as a consultant working for a well-known global company. He explains that he’s late for a very important meeting.

The consultant doesn’t have an ID badge. But he mentions two employees of the company that he agreed to meet. The man emphasizes that he’s already late for the meeting, and begs the receptionist to let him in.

The receptionist tries to call the employees that the consultant mentioned, but neither of them answers the phone. That’s no surprise – both are on a business trip on the other side of the globe. The consultant explains that there’s a large sum of money at stake. This explanation, and the implied consequences of delaying the meeting, intimidates the receptionist into letting the consultant in the building.

In reality, the man in a suit isn’t a business consultant. He’s a cyber security professional trying to break into the company’s information systems using any means necessary. It’s what’s called a Red Team – an exercise where cyber security professionals test customer organizations by trying to find vulnerabilities that can lead to data breaches.

Even though the example above is fictional, our security experts use similar tactics in real Red Team drills. Made-up stories and disguises are useful tools to access buildings that would otherwise be restricted to the public.

“To date, our cyber security professionals have a 100% success rate in Red Team drills,” says Janne Kauhanen from our Cyber Security Services unit.

Read the full story

This story is based on an article by the Finnish broadcasting company, YLE, published online on March 5, 2017.

Let us in. Keep them out.

Considering a Red Team exercise? Find more information here or contact us:


Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s