Simulated targeted attacks, also known as red teaming or attacker simulation, are increasingly employed by organisations to prepare for real world cyber-attacks. Context can target the full range of an organisation’s digital defences, mimicking the tactics, techniques and procedures deployed by real attackers, and using everything from custom-developed malware to social engineering.
As attackers become more sophisticated, it is important that organisations assess their capability to resist and respond to cyber-attacks based on an understanding of the key threats they face. A red team exercise goes further than identifying gaps in your security practices and controls to prevent an attack; it can provide valuable insights about the organisation’s capability to identify attacks in progress and remove them from the environment. It can provide an objective way to assess the full range of security tools, processes and other controls deployed across the whole environment.
With significant experience in social engineering, malware reverse engineering and targeted attack analysis, Context can devise and deliver a variety of attack types based on real world threat scenarios and the knowledge of our threat intelligence experts. Each engagement is customised to the client and tailored to the attacks they are likely to face.
A simulated targeted attack starts from the same position as a real attacker would, be that an adversary researching your organisation from the internet, or a malicious insider.
Most assessments begin with a reconnaissance phase using public data such as social media postings and other information exposed to the internet. The information gathered is used to plan and deliver a multi-stage attack, identifying assets of interest such as key systems and critical data.
Context will deliver a detailed report showing the attack paths identified during the assessment, showing the activities undertaken and the ease of exploitation, as well as provide mitigation advice where vulnerabilities have been identified. This enables you to understand the security risks and to consider what steps can be taken to mitigate these risks. We can also provide in-depth post testing support if required to assist you in developing a more robust cyber security strategy.
Red team exercises have the goals of improved readiness of the organisation, better training for defensive practitioners, and inspection of current performance levels. The in-depth penetration of your business, conducted across an extended period and involving multiple attack layers, will put your security posture to the test like nothing else.
Context is certified to carry out CBEST and CREST STAR engagements:
The Bank of England’s CBEST scheme is a framework to deliver controlled, bespoke and intelligence-led cyber security tests for financial institutions. These tests are designed to replicate the behaviours of threat actors that have been identified as posing a genuine threat to financial institutions. Context is experienced at performing CBEST engagements, having completed 12 out of the first round of 36 CBEST engagements.
CREST Simulated Target Attack and Response (STAR)
Context is qualified to provide STAR assessments which take threat intelligence information to deliver highly targeted attacks against an organisation to simulate sophisticated threat actors. We have been performing STAR assessment engagements for global clients for many years; we use real-world data about attackers collected through our experience in the field, enabling us to perform focused and realistic exercises.
Additionally, Context have experience delivering ongoing programmes of red teaming, examining specific areas of concern and assessing the range of controls deployed in close collaboration with the organisation’s defensive teams.