Red team exercises
A red team exercise is an all-encompassing attack engagement of the organization with the intent to try to gain access to a system by any means necessary. A red team exercise usually includes the following activities:
- Reconnaissance activities, including public data gathering, Open Source Intelligence (OSINT) gathering, and other publicly available information-gathering activities
- Cyber penetration testing (trying to get in over the wire)
- Physical breaching attempt (trying to get in through the front door)
- Testing for the presence of Plain Old Telephone System (POTS) modem access (war dialing), which is especially valuable in the industrial world where modems are quite often a forgotten access point into the ICS network, installed by an equipment vendor in the 90s and then forgotten about
- Testing of all wireless and Radio Frequency (RF) systems that are present for potential wireless access (wardriving and RF hacking)
- Testing of employees...