Red teams for the project "Hack the Pentagon"
On Friday, June 10, US Secretary of Defense Ashton Carter summed up the project, which was launched on March 2, 2016, codenamed “Hack the Pentagon” (Hack the Pentagon) as part of a cyber security verification program. More than 1.4 thousand hackers took part in this kind of project. Not less than a hundred vulnerabilities were discovered in the department’s computer systems. The goal of the project is to find problems and determine their causes before attackers can get to them. All this will help save not only time, but also money in case of hacking.
As US Secretary of Defense Ash Carter said earlier, the military currently does not have enough knowledge in the information security industry, so the action to attract the best representatives in the field of information security was quite reasonable.
')
The Pentagon also tested its sites before, so-called “red teams” were created for this.
The concept of "red team" appeared back in the 80s, when the command of the US Navy created a secret team, based on Navy Seals, which was tasked to test the vulnerability of the Navy to terrorism. This team tested the protection of naval bases, nuclear submarines, ships, civilian airports and the American embassy.
Lyons (former commander of the US Pacific Fleet, retired Navy admiral): “I created the Red team ... She will plan the terrorist attacks on ships and coastal facilities of the US Navy all over the world. It has the task of identifying the vulnerable places of the objects of attack and planning attacks in accordance with the known possibilities and ethnic characteristics of terrorist groups, as well as with the political goals of certain sovereign states. Along with preparing the attack scenarios, the Red Team will also develop recommendations for security measures that should be taken to prevent terrorists from carrying out terrorist actions so that they will be forced to abandon them. ”
On October 23, 1983, Muslim terrorists carried out an explosion of the US Marine barracks in Beirut, killing 241 people. This incident and the widespread presence of the United States in many regions of the world forced the government to review security measures in the event of an attack using non-traditional tactics and means of warfare. The command came to the conclusion that it would be more correct not to create a small anti-terrorist team that would be in a state of constant combat readiness, but instead all the fighters would have to undergo appropriate training from time to time in order to professionally cope with the performance of anti-terrorist functions.
There were counterterrorism units of the special forces such as Delta and Team 6, which were well prepared for effective action, but they could respond to the current situation according to the requirements. But the security and defense of stationary objects, such as the American embassies or bases in overseas territories, had to be secured in advance against a possible terrorist attack, and therefore taught the security personnel to recognize and take measures to repel the attack.
Having received authority from the headquarters of the Navy, people were selected who were considered the most suitable to participate in the Red Team, 18 participants were selected here, most of the Seals and Team 6 divisions. The Red Team was the best of the best, its military personnel going to the exercises with a full complement of counter-terrorism equipment, including weapons and explosives, in case they are urgently needed to solve combat missions.
No one doubted the professional skills of the Red Team. The team members were masters of secret penetration of objects, the implementation of acts of sabotage, kidnapping, interrogation, detachment and evasion from meeting with the enemy. In fact, their skill was higher than that of most terrorist groups.
Returning to the theme of the project "Hack the Pentagon"
As part of the above-mentioned initiative, some of the Ministry’s extensive computer networks were opened to outside experts for testing. The experts who took part are citizens of the United States who have passed the background check. At the initial stage of the project, sensitive networks or key weapons development programs were not included in the program. At the head of the hacking project, a Defense Digital Service was appointed, which was created last November. DDS is a small group of engineers and experts in the field of information processing. The most talented representatives of the American technology community were invited to work, who will be able to use the most innovative and flexible approaches to solving problems related to information technology in their work.
As a result of the pilot experiment “Hack the Pentagon” at the federal level, more than a hundred vulnerabilities were discovered by involved hackers. The project has exceeded all expectations, in the future it will make the system more secure at low cost. For obvious reasons, exactly where the vulnerabilities were found - history is silent. It is only known that out of 1,410 hackers 90 participants distinguished themselves (in a good sense of the word).
As previously reported, the prize fund was $ 150 thousand. The amount of remuneration will be determined according to many factors. The size of cash prizes will range from $ 100 to $ 15,000, depending on the type and severity of the vulnerability found, as well as on whether the hacker has managed to use it or not. In addition to cash incentives, participants in the competition will receive qualification certificates from Hacker One.
Many people in the common people call this project an action-show of talents for hackers, because, like the “red teams,” the goal is to find and attract the best of the best.
The network has long been a lot of memes on this topic)
As US Secretary of Defense Ash Carter said earlier, the military currently does not have enough knowledge in the information security industry, so the action to attract the best representatives in the field of information security was quite reasonable.
')
The Pentagon also tested its sites before, so-called “red teams” were created for this.
The concept of "red team" appeared back in the 80s, when the command of the US Navy created a secret team, based on Navy Seals, which was tasked to test the vulnerability of the Navy to terrorism. This team tested the protection of naval bases, nuclear submarines, ships, civilian airports and the American embassy.
How did the concept of "red team" (red team)
Lyons (former commander of the US Pacific Fleet, retired Navy admiral): “I created the Red team ... She will plan the terrorist attacks on ships and coastal facilities of the US Navy all over the world. It has the task of identifying the vulnerable places of the objects of attack and planning attacks in accordance with the known possibilities and ethnic characteristics of terrorist groups, as well as with the political goals of certain sovereign states. Along with preparing the attack scenarios, the Red Team will also develop recommendations for security measures that should be taken to prevent terrorists from carrying out terrorist actions so that they will be forced to abandon them. ”
On October 23, 1983, Muslim terrorists carried out an explosion of the US Marine barracks in Beirut, killing 241 people. This incident and the widespread presence of the United States in many regions of the world forced the government to review security measures in the event of an attack using non-traditional tactics and means of warfare. The command came to the conclusion that it would be more correct not to create a small anti-terrorist team that would be in a state of constant combat readiness, but instead all the fighters would have to undergo appropriate training from time to time in order to professionally cope with the performance of anti-terrorist functions.
There were counterterrorism units of the special forces such as Delta and Team 6, which were well prepared for effective action, but they could respond to the current situation according to the requirements. But the security and defense of stationary objects, such as the American embassies or bases in overseas territories, had to be secured in advance against a possible terrorist attack, and therefore taught the security personnel to recognize and take measures to repel the attack.
Having received authority from the headquarters of the Navy, people were selected who were considered the most suitable to participate in the Red Team, 18 participants were selected here, most of the Seals and Team 6 divisions. The Red Team was the best of the best, its military personnel going to the exercises with a full complement of counter-terrorism equipment, including weapons and explosives, in case they are urgently needed to solve combat missions.
No one doubted the professional skills of the Red Team. The team members were masters of secret penetration of objects, the implementation of acts of sabotage, kidnapping, interrogation, detachment and evasion from meeting with the enemy. In fact, their skill was higher than that of most terrorist groups.
Returning to the theme of the project "Hack the Pentagon"
As part of the above-mentioned initiative, some of the Ministry’s extensive computer networks were opened to outside experts for testing. The experts who took part are citizens of the United States who have passed the background check. At the initial stage of the project, sensitive networks or key weapons development programs were not included in the program. At the head of the hacking project, a Defense Digital Service was appointed, which was created last November. DDS is a small group of engineers and experts in the field of information processing. The most talented representatives of the American technology community were invited to work, who will be able to use the most innovative and flexible approaches to solving problems related to information technology in their work.
As a result of the pilot experiment “Hack the Pentagon” at the federal level, more than a hundred vulnerabilities were discovered by involved hackers. The project has exceeded all expectations, in the future it will make the system more secure at low cost. For obvious reasons, exactly where the vulnerabilities were found - history is silent. It is only known that out of 1,410 hackers 90 participants distinguished themselves (in a good sense of the word).
As previously reported, the prize fund was $ 150 thousand. The amount of remuneration will be determined according to many factors. The size of cash prizes will range from $ 100 to $ 15,000, depending on the type and severity of the vulnerability found, as well as on whether the hacker has managed to use it or not. In addition to cash incentives, participants in the competition will receive qualification certificates from Hacker One.
Many people in the common people call this project an action-show of talents for hackers, because, like the “red teams,” the goal is to find and attract the best of the best.
The network has long been a lot of memes on this topic)
Source: https://habr.com/ru/post/395301/
All Articles