Physical Penetration Test – The Use of “Red Teams”
Traditional continuity drills are a great way to test your system with scenarios based on scripted exercises. However, it is natural for people to behave in a certain manner when they know an exercise is being monitored. The benefit of an unscripted penetration test using Red Teams is that plans, procedures, and systems can be tested in a real-world setting without the actual loss or damage to assets.
These tests are the best way to find out where the true gaps in your security and training exist. CRSI has an in-depth knowledge of security measures and where to look for gaps in these measures. Our team has extensive experience conducting penetration tests with an outcome of greatly improving your security plans and to strengthen the security awareness of your employees.
Common penetration tests include:
- Breaching fencing or other perimeter barriers
- Acting as a visitor to attempt access to secure areas
- Social engineering to gain access to information
- Looking through garbage in public areas
- Tailgating or piggybacking through secure areas
A scenario that demonstrates the effectiveness of Red Team exercises:
During a tour of the facility, an escorted group passes through a common area such as a cafeteria, break room, or lobby. One of the visitors places several USB thumb drives on visible surfaces in the area. Once this is done, the remainder of the tour passes without incident and the visitor leaves. At some point, an employee is passing through and picks up one of the USB drives. Days later, the employee plugs in the USB drive to the computer in their office, which immediately installs a program that hijack’s their system and prompts the employee to call a phone number for a code to uninstall the program.
In this scenario, the program on the USB drive was harmless and was intended to bring greater security awareness to the employees of the organization. Despite the company’s policy that unknown transient devices be reported and not used on any computer with access to the internal network, the employee did
not think of the potential consequences. However, the penetration test exposed a lack of training which could have resulted in malicious code being introduced to the organization’s network and negatively impacted assets.
CRSI strategically partnered with more than 250 electric utilities in the last five (5) years for their NERC CIP Compliance Solutions. To find out more about how to create your Security Compliance Roadmap, call us today to schedule a free, no obligation consultation.