ACT Regional Event – Open to all members.
Traditional penetration testing seeks to find vulnerabilities and configuration issues within a computer network and exploit them. Also referred to as Ethical Hacking, it is a legal and authorised (by the network owner) activity. Whilst this concept has had some success, organisations are now moving to Red Teaming, the practice of challenging plans, policies, systems and assumptions by adopting an adversarial and intelligence-led approach. This is a much broader approach, often taking longer and requiring more resources. The intention of a malicious attacker is usually to gain intelligence, steal information or encrypt a network. Criminal hackers are becoming persistent, taking their time and gathering organisational intelligence prior to and during this attack. Red teaming is designed to emulate this ‘hacker’ activity. Red teaming activity may be broadly classified as achieving a holistic compromise, a specific compromise or an assumed compromise of a computer network.
Engebretson, Patrick, The Basics of Hacking and Penetration Testing (Elsevier Science & Technology Books, 2013)
Oakley, Jacob G, Professional Red Teaming (Apress L. P, 1st ed, 2019)
Nigel Phair is the Director of UNSW Canberra Cyber. He is an influential analyst on the intersection of technology, crime and society. Nigel has published three acclaimed books on the international impact of cybercrime, is a regular media commentator and provides executive and board advice on strategy, risk & governance of technology. He has served a 21 year career with the Australian Federal Police where he achieved the rank of Detective Superintendent. He headed up investigations at the Australian High Tech Crime Centre for four years, and is the founder and managing director of a technology ‘start up’ company and is a non-executive director on a number of Australian boards.