Red Team Theories - Emotional Awareness

I sincerely appreciate all of the positive feedback that I have received for my last article.  I have decided to continue my work on this subject with a series of articles that I will release periodically.  These articles will focus on practical ways to implement the adversarial mindset to your daily life.  If you simply want to improve yourself or if you’re really adamant about becoming a “Red Teamer”, hopefully the information I will share in this series will prove useful.  This article, in particular, focuses on the importance of emotional awareness and more important, emotional availability.

The-Bourne-Identity-Gallery-12.jpg

"When people talk, listen completely. Don't be thinking what you're going to say. Most people never listen. Nor do they observe. You should be able to go into a room and when you come out, know everything that you saw there and not only that. If that room gave you any feeling you should know exactly what it was that gave you that feeling. Try that for practice." - Ernest Hemingway

Social Engineering

As the bad actor in an adversarial assessment you must explore all avenues of attack.  If you carefully examine past incidents involving security breaches, you’ll quickly learn that the human element of security is often the weakest.  The success of an attack is most often the result of human negligence.  So, for a moment, let’s put aside all of the technical skills that you and your group would need to be an effective red team.   Can you have and maintain a conversion with a stranger?  If you needed to extract information from your target without your expensive high-tech gadgetry, how would you do it?

There is a scene in The Bourne Identity that is often overlooked and actually used to bring levity to the story, but I feel it is most realistic scene in the entire film.  Bourne tasks Marie with gathering records from a hotel regarding a certain Mr. Kane.  He gives her an exhausting list of directions to follow once she enters the hotel.  As she walks inside, she sees a male front desk agent, he smiles at her.  Suddenly, the scene cuts to her meeting Bourne outside, records in hand.  Now, how do you think Marie was able to acquire those records without following Bourne’s direction?  Her feminine wiles?  Following Bourne’s questioning, she states she simply asked for them.  Don’t we all wish red teaming was that easy?  Marie tells Bourne that she told the desk agent she was Mr. Kane’s personal assistant.  Although, she provides a simple answer, the engagement was likely more complicated than that.  I believe she was able to tap into the most receptive part of the human person. 

Human emotion.

A few days ago, I had an interesting conversation with my girlfriend.  She works in property management.  On top of her daily tasks, she is constantly fielding problems, dealing with vendors, addressing tenant complaints, and managing her employees.  During our conversation, she said, “Whenever you need something from someone, never demand it.  Saying, ‘please,’ won’t help you either.  Instead, put yourself in a position of the needy.  State your problem and ask for help.”  People that ask for help are automatically people you feel you can trust.  Why?  Because they are trusting you to help them.

People in need of help trigger something in human beings.  They trigger emotion, it can be sympathy, sadness, in some cases it can even be pride.  When you put yourself in a position of need, especially in this particular way, you put your target in a position of power.  It will make your target feel like they hold all of the cards.  Whether or not that is  true is irrelevant.  Although, you never really see Marie’s engagement with the hotel agent, I would like to think the encounter was more complex than the movie makes it out to be.

This method of social exploitation, by it’s very nature, runs contrary to what you would normally expect from an adversarial engagement.  The goal is to be noticed.  You want your target to focus on you.  However, it is also important to understand the culture of the environment in which you are going to work.  Some people are more willing to help a man wearing a Verizon shirt asking for a restroom than they would a panhandler.   Remember your ABCs.

Emotional Awareness

To be truly effective in a social engagement, emotional awareness is essential.  To be aware of others, you must learn to be emotionally available yourself.  All of our emotions are inherently good.  Although, some may be uncomfortable, they are still good.  They are primal tools, which inform us of ourselves and our surroundings.   In the information age, emotional insensitivity seems to be norm, not the exception.  This leaves us at a disadvantage.  If it takes you more than sixty seconds to identify what you’re feeling at any given moment, you probably have an issue.

If you think about how the human body responds to stimuli, your body reacts first, then your emotions, and finally your intellect.  All three are meant to compliment each other.  Once your body reacts, you are meant to feel, and then temper those emotions with your reason.  So, how do you begin to put this into practice?   Next time you read a book, have a glass of wine, or dinner with your significant other, ask yourself how it made you feel.   The emotions are there, you just have to start giving them their proper attention.

Once you gain a better understanding of your own emotional state, you can purposefully begin to engage others.  Years ago, when I realized I was a bit emotionally underdeveloped, I decided to make a dramatic career shift.   The work forced me to engage people on a daily basis.   I encountered numerous difficulties.  In spite of that, I had to remain proactive, and I had to challenge myself.  And after two years, I found that I had I changed and grown in ways I never thought possible. 

So, if you find yourself lacking in emotional awareness, you know have work to do.  Red Teaming is a multifaceted and multidisciplinary field.  This particular skill will eventually be applied to any large scale social or cultural intel gathering activities.  Challenge yourself, do not fear failure, and embrace your own suffering.  It is the man that can properly harness his emotional state and recognize the emotional state of others, that will find success in whatever he chooses to pursue.   So, do you still want to be a red teamer?

“There are some games you don't get to play unless you are all in.” - Jordan B. Peterson

 

The Theory of Red Teaming - A Call to Action

GW RT Article.jpg

Since March 2018, I have been following the Red Team Podcast.  It is a podcast and blog dedicated to the subject of red teaming.  Now, you’re probably asking, “What is a red team?”  The concept is rooted in military history.  If that is of interest, just google Red Cell. A Red Team is a group that assumes the role of adversary and challenges another group to test and improve the efficacy of its strategies and procedures.   As the adversary, a Red Team will attempt to attack and exploit their target by any viable means necessary.  Vectors of attack can be physical, digital, social, and even theoretical.  The intention is to highlight the vulnerabilities of a target and eventually work with the target to eliminate those vulnerabilities.  Sounds cool, right?

The Red Team Podcast, however, dives deeper into the subject of what true red teaming is and discusses the mindset required to be an effective “Red Teamer.”  Ironically, the more you listen to the podcast, the more you learn that red teaming is quite difficult to define.  It spans numerous subjects of thought and study.  By it’s very nature, it proves difficult to provide a short and concise definition that encompasses all of its elements.  However, with all of the information provided in the podcast, the hosts (Uri and Dan) constantly field two questions in particular.  Hopefully, I can provide an answer to both that will be easy for average folk to understand.

“What is Red Teaming?”

 Ultimately, Red Teaming is a call to action.

It is about figuring out what you don’t know about yourself, and acting on that information.  It’s about self improvement.

From a security standpoint, it’s knowing your adversary.  It is about knowing who the hostile actors might be and what they want from you.  It is knowing how they will exploit your weaknesses and impose on your vulnerabilities. 

It’s imperative to know two things.  First, who is the adversary?  It can be a competitor, it can be a malicious hacker, or an insider threat.  “Insider threat,” means your adversary is within your own group or organization.  It is also important to realize that an attack will come through any viable means necessary.  It can be a physical attack, a digital breach, or simply through social engineering.

So, to truly define your enemy, the best course of action is to have an independent party, a Red Team, complete an assessment of your organization.  This Red Team will assume the role of your adversary.  They will carefully observe your practices, define habits and a method of exploitation, and finally commit a real world attack.   Afterward, they will report any discovered vulnerabilities, they should help you to mend them and help create any proactive response protocols deemed necessary.

From a Red Teamer’s perspective, your method of attack should be unique to what is observed.  If you truly want to service your client, remaining unpredictable is key.

Now, to the dismay of Uri and Dan, this usually leads to the second question.

“How do I become a Red Teamer?”

The answer is simple, but may be difficult for some to accept.

Build resiliency.

Many seem enthralled with the “cool factor” of red teaming, without realizing what is actually required of them.  They undermine the fact that red teaming requires a very specific mindset to achieve the objective.  It is not about what exploits you know or your locking picking skills.  If you really want to know what it takes to be a Red Teamer, apply the methodology of red teaming to yourself. 

What don’t you know?   What are your weaknesses?  Be sure to account for personal bias.  Speak with trusted friends, ask them to comment on your personality traits and your habits.  What do you do when you encounter difficulties?  Do you panic?  Do you quit?

Test yourself.  Put yourself in uncomfortable situations and see what happens.  Is there a particular skill set in which you lack expertise?  Say you have the digital capability, are you fit enough to properly accomplish a physical assessment?  If not, what are you doing about it?  If you don’t have the discipline to better yourself, what makes you think you can provide such a service to someone else?

To be a Red Teamer, you must have the strength of mind and character to embrace your own suffering.  Once you can achieve that, then the answer to this question should be clear to you.

“Do not sleep under a roof. Carry no money or food. Go alone to places frightening to the common brand of men. Become a criminal of purpose. Be put in jail, and extricate yourself by your own wisdom.” - Miyamoto Musashi

Review: GoRuck MACV-1

MACV-1

I received my first pair last month and I was so excited to put these to work, I forgot to take initial photos of the boots out of the box.  So, these photos were taken after about 50 miles on the books. Feel free to click any of the photos to enlarge.

The MACV-1 pays homage to the beloved Vietnam era jungle boots used by the United States military.  GORUCK modernized the design for today’s challenges and produced a boot they state is tougher, lighter, and more supportive.  To develop the MACV-1, GORUCK teamed with Richard Rice, US Army 1966-94 5th Special Forces Group and Paul Litchfield, a true treasure in shoe business with 30 years experience.

The MACV-1 essentially features a four part construction.  The uppers, the midsole, the outsole, and the insert. Let’s start with the uppers.

The Uppers

The uppers are made of leather and 1000 D Cordura.  They also have a strip of 2-inch nylon webbing to provide ankle support.  The use of Cordura nylon reduces the amount of leather used.  This really helps to reduce the overall weight of the boot and increases its breathability.  In addition, it adds flexibility without compromising ankle support.  At the very top they added doubled over leather for comfort, greatly appreciated.

GORUCK’s spearhead logo is featured on the tongue.  The tongue is also made of Cordura nylon, and is wide enough to allow for easy accessibility. On to the midsoles.

The Midsole

The midsoles are made out of a lightweight foam called EVA.  In testing, GORUCK attempted to use an EVA only outsole, but it didn’t provide enough traction.  To remedy the issue, they added a shielding rubber outsole. Other boots of this kind will usually have a rubber only outsole making the boots incredibly heavily. The EVA saves the weight, and make these boots feel more like a sneakers than boots. To bond these materials together without sacrificing durability, they used an adhesive bond tested at upwards of 12.5 kg of applied force, far surpassing industry standards.  These boots will take a beating.  

Shortly after taking these photos, I used the boots to help a family member with some junk removal.  As we were taking apart a large piece of wooden furniture to fit inside a dumpster, it somehow managed to tip over and one of the edges struck the side of my foot.  While it left a nice bruise and a few deep scratches on the sole, the sole itself was not compromised whatsoever. We also happened to be loading this dumpster during some heavy rain…and these boots are NOT waterproof.

That’s a good thing. Just above the midsole, the MACV-1 features drain holes.  GORUCK is actually proud to state that these boots are not waterproof.  They added two shielded drain holes that expel water and moisture while also keeping debris out.  These boots are made for walking (cue Nancy Sinatra), LOTS of walking.  Your feet need to breathe. Waterproof lined boots will definitely keep the water out however, they will also serve to trap and collect any moisture inside the boot and keep it there.  During sustained hikes or rucks, water that comes in over the top, any sweat build up, or any moisture accumulation will wreak absolute havoc on your feet.  These drain holes will keep your feet dry, and also prevent odor build up.

The Outsole

As you can see above, the bottom of the rubber outsole features a unique hexagonal pattern, with a triangular sub-pattern. This design provides great traction. GoRuck’s spearhead logo is prominently displayed at the center of the sole. The amount of rubber used usually determines the weight of a shoe. So, fusing this with the EVA midsole was a brilliant move.

The Workhorse Insert

The insert is fairly thin, you’ll find the manufacture date, item information, and the logo on the bottom side of the insert. According to GORUCK, it uses dual layered compression foam and provides contoured arch support. It’s worth noting, they use a similar dual layer method in the straps of their rucksacks. One layer is standard, the other is significantly denser to provide greater support and comfort. This insert has done a great job so far, I still haven’t had any issues with hotspots or blisters.

Overall Opinion

The MACV-1 is true to size.  However, I forgot to account for foot swelling.  While in use, I have felt pressure at the toes during longer rucks.  So, I’ve ordered my next pair to be a half size larger.  Once my next order arrives, I’ll use these as daily beaters and see how they hold up. GORUCK claims these boots require no break-in time. I found that to be somewhat true. Initially, they were a little tight above the midfoot where the laces begin. However, they only took 3-4 uses to properly break in.

I’ve also found that these boots are a great for travel. The use of Cordura fabric allows them to collapse and compress in ways ordinary boots cannot. They won’t take up much more room in your pack or suitcase than a pair of regular shoes or sneakers.

Now, I’ve read many complaints regarding the MACV-1’s appearance.  We’re talking about GORUCK here.  GORUCK’s design principles have always prioritized function first.  Aesthetics have always been and should always be secondary.  Their design principles are meant to give what you need, not what you want or what you think you need.  If you’re looking for style or perhaps to impress your friends, stop complaining and go buy a pair of $500 Whites Boots. 

Although, I praise many features of the MACV-1, this is a first generation model. Ultimately, we have to see how they hold up over time. As of now, I’m very satisfied with my purchase. They are surprisingly light and comfortable. I’ll be sure to keep this review updated with any success and/or failures.

I’m training to complete GORUCK’s Star Course (50 miler), which will take place in New York next September. Hopefully, I’ll be able to use a pair of MACV-1 while I earn the patch.

GORUCK is now taking pre-orders for the MACV-1 in Coyote Tan.  They are scheduled to ship the week of 12/17/18.

If you have any questions about the MACV-1, don’t hesitate to leave a comment below. Thanks!