{"id":370,"date":"2024-09-17T09:00:00","date_gmt":"2024-09-17T08:00:00","guid":{"rendered":"https:\/\/www.northit.co.uk\/posts\/?p=370"},"modified":"2024-10-10T17:11:23","modified_gmt":"2024-10-10T16:11:23","slug":"red-teaming-what-is-that","status":"publish","type":"post","link":"https:\/\/www.northit.co.uk\/posts\/red-teaming-what-is-that\/","title":{"rendered":"Red Teaming, what is it?"},"content":{"rendered":"<p>It\u2019s a typical Monday morning at the office. The coffee machine\u2019s working overtime, everyone\u2019s getting settled, chatting about their weekend&#8230; pretty normal stuff. But in the middle of all that, there\u2019s someone who doesn\u2019t quite belong. Someone who\u2019s not just here to do their job, but to see if they can get away with something. This person? A <a href=\"https:\/\/www.northit.co.uk\/red-teaming\" target=\"_blank\" rel=\"noopener\"><span style=\"color: red;\">red team<\/span><\/a> member, lets call them <strong>Sam<\/strong>. And no, they\u2019re not going to be sitting behind a screen sending phishing emails this time. They\u2019ve come to your office in person. Yup, you read that right.<\/p>\n<p>So, how do they do it? Let\u2019s take a stroll through the office and find out.<\/p>\n<h2><strong>Blending In\u00a0<\/strong><\/h2>\n<p>First off, Sam isn\u2019t exactly walking in with a hoodie and sunglasses like it\u2019s some spy film. They\u2019re a bit more subtle. Maybe they\u2019re posing as a delivery driver\u2014because, honestly, who questions a delivery driver? Or a &#8220;consultant&#8221; carrying a clipboard. Clipboards are magic, honestly\u2014hold one, and people assume you know what you\u2019re doing.<\/p>\n<p>And boom\u2014they\u2019re in. No fuss. It\u2019s like watching a chameleon blend into a room full of identical plants. Only, this chameleon is eyeing up the room to find weak points. Maybe they even scored a visitor badge. You know, those badges everyone assumes means, \u201cYep, this person\u2019s supposed to be here, let them roam free.\u201d Just like that, they\u2019re wandering your office.<\/p>\n<h2><strong>Access Points<\/strong><\/h2>\n<p>Once they\u2019ve blended in, it\u2019s time to see just how &#8220;secure&#8221; things really are. Sure, you\u2019ve got fancy keycard access and cameras, but\u2026 are people actually paying attention? I mean, how many times have you held the door for a colleague, not even thinking twice about it? It\u2019s polite, right? Or maybe that door near the loading bay? Left open just long enough for someone to sneak in.<\/p>\n<p>Tailgating is the name of the game here, and it works more often than people want to admit. Sam? They\u2019re banking on someone\u2019s good manners to slip in behind them.<\/p>\n<h2><strong>Exploring the Office<\/strong><\/h2>\n<p>Now, Sam is on the inside, doing a bit of recon. Walking around, casually eyeing up every unlocked desk, peeking at monitors, maybe even snagging a quick look at those sticky notes people love to leave on their computers with their passwords. (Seriously, people still do this.)<\/p>\n<p>And don\u2019t even get me started on unattended laptops in meeting rooms. That\u2019s like finding buried treasure. All it takes is a couple of minutes of digging around or plugging in a dodgy USB stick, and they\u2019ve got access to sensitive files. No need to crack any code\u2014it\u2019s all there, ripe for the taking.<\/p>\n<h2><strong>Getting to the Heart of It<\/strong><\/h2>\n<p>At this point, Sam is feeling pretty good. They\u2019ve blended in, gotten past the initial barriers, and now? They\u2019re hunting for the big stuff. Maybe it\u2019s gaining access to the server room\u2014nothing screams &#8220;power move&#8221; like pretending to be from IT. One polite \u201cI\u2019m here to check on something\u201d and they could be planting a rogue device on the network, capturing traffic, or pulling sensitive data.<\/p>\n<p>Or maybe it\u2019s not even that complex. Maybe someone left a keycard on their desk. Even better\u2014an admin\u2019s keycard. Jackpot.<\/p>\n<h2><strong>The Great Escape<\/strong><\/h2>\n<p>Now that Sam has got what they came for, it\u2019s time to make a quiet exit. No alarms, no questions, just walking right out the way they came in. Maybe they even strike up a chat with someone on the way out\u2014why not? The goal is to leave with no one being the wiser, and by the time you realise something\u2019s off? They\u2019re long gone.<\/p>\n<h2><strong>The Debrief \u2013 What Just Happened?<\/strong><\/h2>\n<p>After the job\u2019s done, the Sam will give your organisation the full report and guide of how they got in, what they found, and what they could have done if they were real attackers. It\u2019s a bit of a shock to see it all laid out, especially when it\u2019s stuff you thought was locked down tight. But that\u2019s the beauty of the <span style=\"color: red;\">red team<\/span>. They show you where the holes are, so you can fix them before a real attacker takes advantage.<\/p>\n<h2><strong>Final Thoughts<\/strong><\/h2>\n<p>Most people think cybersecurity is all about firewalls and passwords, but sometimes, the biggest vulnerability is just someone holding the door open for a stranger. <span style=\"color: red;\">Red team<\/span> exist to test those weaknesses, not just digitally but physically too. And while it might be unsettling to think about someone walking through your office like they own the place, it\u2019s far better to find out where your security fails with a <span style=\"color: red;\">red team<\/span> than a real attacker.<\/p>\n<p>Next time you hold the door for someone, maybe just ask for their ID. You never know who might be testing you.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It\u2019s a typical Monday morning at the office. The coffee machine\u2019s working overtime, everyone\u2019s getting settled, chatting about their weekend&#8230; pretty normal stuff. But in the middle of all that, there\u2019s someone who doesn\u2019t quite belong. Someone who\u2019s not just here to do their job, but to see if they can get away with something. [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":220,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_daextamp_enable_autolinks":"","footnotes":""},"categories":[61,7,6],"tags":[],"class_list":["post-370","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-security","category-vulnerabilities"],"_links":{"self":[{"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/posts\/370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/comments?post=370"}],"version-history":[{"count":56,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/posts\/370\/revisions"}],"predecessor-version":[{"id":564,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/posts\/370\/revisions\/564"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/media\/220"}],"wp:attachment":[{"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/media?parent=370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/categories?post=370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.northit.co.uk\/posts\/wp-json\/wp\/v2\/tags?post=370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}