2024-11-11 –, WestIn - Munich
In this light-hearted session led by experienced red teamers, participants will explore the intricate world of physical security breaches in corporate settings. The presentation will focus on practical techniques like caller-ID spoofing, social engineering, and rogue device deployment, alongside undetected infiltration and objective attainment. Through engaging narratives, including a night-time operation in a European high-security facility, the speakers will demonstrate how to navigate high-pressure scenarios. The talk aims to provide a clear understanding of physical breach dynamics, potential challenges, and their impact, empowering attendees with insights into the art of physical intrusion.
We start the presentation with an introduction of who we are, how we ended up in the red team and how we started with physical breaches at NVISO.
We will go over a few our our encounters with performing physical breaches and the techniques we used to get in and achieve our objective. We will highlight the do's and don'ts of infiltrating companies and reaching objectives without getting caught. The highlighted techniques include caller-id spoofing, social engineering, tailgating, planting rogue devices such as Raspberry PIs and keyloggers, dropping USBs... . With these stories, we will recall how we got out of tense situations such as getting surrounded and asked questions while in a sensitive department. This includes a story in a highly secured OT environment located within a mountain in Europe, where Moritz and another colleague infiltrated during nighttime.
The purpose of this talk is not to go into deep technical details, but to provide insights into what physical breach scenario's look like, what can be expected or unexpected, and the impact that it could have on a company when performed by a real attacker.
physical, social enginnering, red team
Moritz developed an interest in hacking computer programs & video games during his Bachelor's computer science studies and soon acquired a distinguished set of skills in binary reverse-engineering. A few years later, he wrote his Master's thesis about conceptualizing and implementing a modular proxy for IoT appliances at NVISO. Right after his studies, he decided to join NVISO and embark on a journey into (mostly) offensive IT security.
Today, he is a senior IT security consultant and red teamer at NVISO ARES (Adversarial Risk Emulation & Simulation) where he coordinates and participates in research & development efforts. When he isn't infiltrating networks or exfiltrating data, he is typically knees deep in research and development, working on new techniques and tools in red teaming.
With more than 15 years of experience in programming, 5 years in binary reverse-engineering and three years in professional offensive IT security assessments, he feels like he is just getting started!
Firat is a senior red teamer within NVISO. His specialties include the whole red team attack cycle, mainly the internal network and Active Directory part, as well as physically breaching company defenses.