Modes of execution – surgical or carpet bombing
When performing operational red teaming, there are two basic approaches when it comes to compromising assets. The first one is to be very targeted and surgical, and the second one is to perform large-scale assessments and exploit attempts. Surprisingly, the second one often leads to a much better understanding of the environment and discovering unknowns. Let's explore this in a bit more detail.
Surgical
A surgical operation typically requires more detailed planning and reconnaissance. This is a good approach when there are clear objectives being set as part of the operation. The goal is to stay under the radar for the entirety of the operation. A surgical approach could, for instance, be as targeted as sending a phishing mail to two or three people and navigating into the victim's inbox to retrieve access to sensitive email or stealing critical business information from the computers of the target.