Internet Explorer has been in the press over the years for the number of vulnerabilities that it once had, but nowadays, Java is a prime target for red teams because Java is meant to run on 3 million devices – providing what’s called a large ‘attack surface’.
Attacking the software is getting harder these days, but there’s one component of an organization’s computer system that is always potentially vulnerable – and that’s the people who use the computers. Another technique is to send infected memory sticks to staff, who often plug them in to see what’s on them, and, again, the malware strikes!
Red team members can now use social media to find the names of staff as well as details of their experience, so that e-mails and phone calls from the red team can sound quite legitimate.
The other part of the solution is education of staff so that they don’t insert memory sticks or click on attachments from unknown sources.
The red team could, perhaps, get a piece of malware onto someone’s tablet, which then gets connected to the network and starts opening security doors all the way to the mainframe.
But most organizations can learn from the types of vulnerability red teams exploit, and take steps to ensure that they are not at risk from them.
Link: http://it.toolbox.com/blogs/mainframe-world/welcome-to-the-red-team-56048