Cyber Attack Readiness

Now more than ever, organisations require assurance that the investment they are making in both cyber & physical security is working and keeping malicious attackers at bay.

Full Spectrum Red Team

 

Why Full Spectrum Red Team?

Once commissioned for a project, our elite security team take the role of a malicious intruder and carry out covert hostile reconnaissance (both physical and cyber) followed by a full-blown covert attack against the target organisation.

Working to pre-agreed rules of engagement the team use a wide range of techniques to try to gain access & bypass security defences, including; social engineering, covert entry, intelligence gathering, dumpster diving & technical surveillance. At the end of the mission we will provide a C-level recommendation report, detailing the key areas for remediation.


Typical mission

A typical mission would involve the following key elements:

  • Threat/Risk Assessment
  • Hostile Reconnaissance
    • Intelligence Gathering
    • Dumpster Diving
  • Authorisation & Task Confirmation
  • Physical Attack
    • Social Engineering (phone & email)
    • Physical entry/covert entry
    • Access into buildings/locations
    • Hostile device placement
  • Cyber Attack
    • Remote access to hostile devices
    • Compromise of network assets
    • Malware (benign) deployment


Why work with us?

Combining both physical & cyber exploitation, we are the only choice for a the most realistic security test available.

Core to the ethos and success of the service are:

  • Market leading reputation
  • Strict & robust vetting of all staff
  • Permanent employees
  • Cohesive approach
  • Global reach
  • Extensive experience

 

Download overview PDF   Contact us

 

 

Physical Social Engineering

 

Our social engineering services are designed to highlight gaps in your staff's security awareness and help to improve your future security posture.

A physical security assessment will focus on the measures and processes in place to secure your environment against attacks that rely on a lack of security awareness in your staff and so-called “social engineering” attacks.

Physical security weaknesses will normally be either procedural or cultural. Some organisations have excellent procedures that are simply not followed correctly due to a poor understanding of the need for appropriate security (cultural), or the procedures themselves are weak or absent (procedural).

During a physical security assessment NCC Group will:

  • Utilise Open Source Intelligence gathering techniques
  • Perform reconnaissance and surveillance
  • Assess physical security
  • Use people skills to circumvent technical controls to access sensitive areas of the organisation or restricted locations.
  • Manipulate staff to identify protected information such as passwords or allow access into their workspaces.
  • Determine the level of response to threats.

 

 

 

Download overview PDF   Contact us