IT Security Horror Story #1: The Case of the Phantom Blood Red Team

October 29, 2013, Andrew Barratt, Managing Director, Europe

As a data security best practice, a Fortune 100 company performed penetration testing for years, but there was a problem: the testing had always been limited to certain devices, one day a week, and between the hours of 1:00am and 4:00am.

One day, Coalfire was brought in to do a “Red Team” exercise: an unannounced attack on company networks, buildings, and employees that allows the attackers (Coalfire) to use any methods necessary to compromise the company’s critical information, without constraining them to certain technologies, systems, or hours.

After careful planning, within a couple of weeks, Coalfire gained undetected physical access to the company headquarters, attained persistent network access, viewed a ton of sensitive documents, and infiltrated several critical systems. With this level of intrusion, an attacker could bring almost any company to its knees.

The “Red Team” exercise brought many issues to the company’s attention that otherwise would never have been discovered. These activities go much further than penetration testing. The benefits are enhanced organizational readiness, improved employee training, and optimized business and system performance levels. Independent “Red Teams” provide valuable and objective insights about vulnerabilities in an organization. They also help to maintain the effectiveness of defenses and mitigating controls that are already in place. Coalfire goes beyond the check-in-the-box to discover real risks to an organization before an attacker does.
