Feeding the Beast: Network Insurgency presented at Kiwicon20138AD 2018

by Syngularity0 ,

Summary : There's a metric bucketload of cool technology and awesome tools out there to support red team engagements, both physical and digital. But what about the *people* on the red team? Can you actually train someone to think and act like an adversary, rather than relying on 'experience', Twitter poopposting, or CEH/CISSP? Can you distil how different approaches refine and improve the way they think and act, rather than just their technical skills? Short answer: Yes! Long answer: Yeeeeeeesssss! (also with 30 minutes of talking)Red Teams wanting to boost their capabilities and simulating more realistic and effective adversaries will be introduced to using F3EAD - a US Special Operations Forces targeting methodology – as a framework for training and engagement. F3EAD is a targeting methodology developed to support counter insurgency operations characterised by complex environments and rapidly-moving adversaries. On a more abstract level, it is designed to allow a large, slow-moving organisation with cumbersome decision-making processes to act/react far more rapidly when confronted by an agile, quick enemy. Although relevant from a Blue Team perspective (threat hunting), it can also be adapted for Red Teams to build a simple, effective framework to conduct engagements with. It's not prescriptive, nor does it encourage ticking boxes for the sake of it, rather it emphasises adaptive and flexible engagement.