Red Teaming in Time of COVID-19

COVID-19 is bringing disruption in how people were used to work. Everyone needs to adapt to a
new life and work style: it may be Work from Home (WFH), new tools, change of working hours and
change of habits.

This wide change of routine and behavior is also affecting the threat scenario landscape of our lives,
organizations and governments.

In this talk I’d like to point out how COVID-19 is increasing the risks organizations are now exposed
to, and I will focus how security professionals, as well as criminals, can (ab)use such change to
execute new or increase the efficacy of previous attacks.

The analyses will try to cover the three main domains in which I, as Red Teamer, could attack an
organization: Cyber, Physical and Human Domain, as well as point out some details of common
attack methodology that can be quickly changed to increase the success rate of offensive
operations.