Advanced Persistent Threats? Red Team!

APT stands for Advanced Persistent Threat, the type of targeted attack in which a group of people directs all its efforts at developing attacks against a certain system, spending months and years on it. This type of attack is complex and very well thought out, which is why these attacks are very hard to detect. Even major corporations like Google, which spend multi-million budgets on security, could be vulnerable to such an attack.

A company cannot completely prevent an APT attack, but the risks could be lowered significantly by finding a place for a red team among the company's employees.

A “red team” is a group of employees who act as white-hat hackers: experts working for the company and finding vulnerabilities in the corporate security shield. To make sure a red team is performing well, a few principles should be considered.

Confidentiality

The security officer should be the only person aware of the red team working in the company.

Hacker mentality

Red team members must consider security questions as hackers would, taking into account the criminals’ experience and knowledge.

Critical approach

The red team should adequately assess the security system's ability to repel certain attacks.

The red team should work in the company on a permanent basis. Its members should be allowed to think outside the box and act creatively, attempting new types of hacks every time. If the company is opposed to this approach, the red team’s job might as well be limited to replicating security audit reports, losing its purpose completely.

