Red Teaming

Business Insider Rides Shotgun as RedTeam Security Hacks the Power Grid

Written by
Jeremiah Talamantes

Just recently Producers/Correspondents, Paul Szoldra and Chris Snyder, from Business Insider were embedded with RedTeam Security as they conducted a red team engagement on a major power company. The power company was kind of enough to grant unprecedented permission to Business Insider to film RedTeam Security as they made their way through the red team engagement.

Business Insider is the largest business news site on the web and this video is a multi-part story they’re running on cyber security in Industrial Control Systems and Critical Infrastructure (power generation) in the U.S.

RedTeam Attack

Red Teaming

Red teaming is a multi-blended, adversarial based attack simulating attacks against people (social engineering), software (pen testing), hardware (pen testing) and physical security controls within facilities/buildings (physical intrusion testing).

Red teaming involves several facets of social engineering (email phishing/spear phishing, physical/onsite, telephone/SMS, fax), physical penetration testing, application penetration testing and network penetration testing, simultaneously. It’s aimed at revealing real-world opportunities for malicious insiders or bad actors to be able to compromise all aspects of an organization in such a way that allows for unauthorized virtual and/or physical access to sensitive information leading up to data breaches and full system/network compromise.

Business Insider Rides Shotgun as RedTeam Security Hacks the Power Grid

RedTeam In Action

The Engagement

Over a four-day period, RedTeam Security carried out a number of attack simulations against the target organization’s people, network infrastructure, and physical locations. The target’s facilities included power generation substations, supplier outposts, dispatch stations, and offices throughout about a 100-mile radius. RedTeam Security attack methods included various facets of social engineering, physical penetration testing, application penetration testing, and network penetration testing.

Our Target

We are happy to report that not all of our tactics were successful. Our target’s defenses were stronger in areas that we did not anticipate and they should be commended for that. We also want to commend their willingness to open their doors to the world in an effort to promote security awareness throughout their industry and others. We are even happier to report since the taping of this production, they’ve made great strides in the improvement of their security posture. A most sincere thanks goes to them for being so dedicated toward security awareness. Thank you.

About Business Insider

Business Insider is a fast-growing business site with deep financial, media, tech, and other industry verticals. Launched in 2007 by former top-ranked Wall Street analyst Henry Blodget and DoubleClick executives Dwight Merriman and Kevin Ryan, the site is now the largest business news site on the web.

Featured On

National TV news and media outlets often consult with us for our expertise as a boutique, high-touch ethical hacking firm highly trained in a narrow field of cybersecurity. Please click on any logo below to view the featured story.

Let’s reduce your organization’s security risk

Test the effectiveness of your own security controls before malicious parties do it for you. Our security experts are here to help.
Get a FREE Security Consultation
Who are we talking to?
Please use another email address.
Let us know what service you are interested in and/or any details you would like our team to know.
Your free security evaluation request has been successfully sent!
A security expert will be in touch soon!
Oops! Something went wrong while submitting the form.