RED Team Attack Simulation
Let's get real
Cyber security incidents and data breaches are becoming more sophisticated and financially motivated.
On the cyber threat landscape, we are seeing a transition of actors from random whiz-kids and activist hackers to disciplined, well-organised criminal groups.
In recent research data released by the Ponemon Institute and IBM Security, cyber crimes accounted for 18.6% of all crime in Singapore. The average cost of a data breach per organisation in the ASEAN bloc sits at about S$2.7m, with the time taken to identify and subsequently contain an attack clocking in at 287 days; this is an increase from 2019, when the average cost and response time were about S$2.6m and 259 days respectively.
Public and market expectations for security has, and is continuing to grow rapidly. Legislations have also been evolving to keep in step, with examples such as Singapore’s Amendments to the PDPA to increase the maximum data breach fine to 10% of a company’s annual turnover or SGD 1 million, whichever is higher.
how it works
Adversarial Attack Simulations (Red Teams Attack Simulations) are the most realistic way to test the resilience of not only your IT controls (i.e. firewalls), but also of your people, processes and facilities. Our attacks aim to expose tangible and non-repudiable security flaws that require remediation.
Simulating a team of skilled and motivated attackers, the Privasec RED Team will craft and execute a series of real-life attack scenarios to breach your security by any means possible (within the boundaries of the law and what is agreed with you). We will combine intelligence gathering, social engineering, hacking, physical intrusion and other deceptive techniques to compromise your defences and expose your most critical information.
Red Teaming VS Penetration Testing
As opposed to traditional testing, Red Team attacks are multi-layered and focus on the objectives rather than on the method, allowing our team to think outside the box to create innovative scenarios you may not have planned or prepared for, allowing to you to identify blind spots in your defence strategy. A Red Team attack scope primarily defines the don’ts (i.e. what cannot be done) rather than the do’s, leaving our Red Team as unrestricted as an attacker would be.
Process of Engagement
Your lead consultant will discuss the objectives of the assessment as well as the methods, techniques and systems excluded and included from the scope of the exercise. You can also ask for specific methods to be included if you need to test a particular process or policy (access card cloning, random dropping of USB infected sticks, etc).
Timeframes will be discussed and agreed upon prior to commencement and will vary depending on the required level of sophistication desired.
You will be notified one day prior to the commencement of the attack by your lead consultant. Our RED Team will remain anonymous so as not to influence the results of the attack in either way.
Our RED Team will conduct reconnaissance activities, including physical surveillance, intelligence gathering and signal scanning, to identify potential gaps in security controls and craft targeted and concerted attack scenarios which they will then execute.
You will be provided with regular updates on the progress of the exercise.
At the conclusion of the exercise, a formal report will be presented to you, detailing step by step, the attacks carried out along with supporting evidence, the results of each scenario and prioritised recommendations to reduce your exposure to future attacks.
For financial institutions, Privasec follows the CORIE approach when red teaming.
RED Team attacks are effective through its ability to provide ‘clear-cut’ evidence when exposing your security weaknesses. It bypasses the risks/ potential and other ‘ifs’ to deliver tangible evidence which cannot be argued against.
The Industry’s Leading Red Team
Let us Secure your Brand and Business
Find out how we can help to test your defences and/or train your staff. Our well-honed and customised approach allows us to start your red teaming activities in as quickly as 24 hours, while ensuring minimal impact to your business activities.