dailyO

Do you know how 'red team' hackers protect us from data theft?

Sushant Talwar
Jun 13, 2018 | 20:44

The past year and a half has been an extremely tumultuous period for the world of technology. Since the calendar turned the page on 2016, we've witnessed a number of high-profile cases that left millions of users exposed after the security of their computers was breached and their valuable personal data fell into the hands of modern-day pirates – malicious hackers – trolling the world wide web.

Though our collective anger seems to be directed at Mark Zuckerberg and his company Facebook for the recent Facebook-Cambridge Analytica scandal, it is the cybersecurity howlers which should concern us more. 

2017 saw some of the worst malware and ransomware attacks in the history of cybersecurity. It was a year when nothing seemed safe as hackers and their crews took over connected machines by the millions, gaining access to not just relatively inconsequential information such as the likes and dislikes of potential voters, but also troves of sensitive data such as pictures, bank account details and passwords, among other information stored on PCs and remote servers scattered across the globe.

And if the dark shadow of ransomware such as WannaCry and Petya lurking in the background wasn't enough, in February earlier this year, Spectre and Meltdown exposed the underlying frailties of our existing cybersecurity setup.

These chip-level security flaws, though extremely difficult to take advantage of, can potentially be exploited by malicious code, which can then give its creators access to information stored in the system's protected kernel or application memory.

What's more baffling is the stupendous reach of these flaws. Because they are design glitches in the core architecture of the processors used in digital devices, Spectre and Meltdown affected almost every smartphone, PC or server system that powers our digital life.

Why the situation is not so gloomy

Despite flaws like Spectre and Meltdown painting a rather gloomy picture of the state of modern-day cybersecurity, the reality is not as scary. Being chip-level flaws affecting devices at such a massive scale, Spectre and Meltdown serve as exceptions to the rule.

More importantly, they also belong to a long list of security flaws – an overwhelming majority of them software-related – that were found and plugged by the big tech giants of the world before things got out of hand.

Red teams

Much of this preventive work is carried out by red teams that exist within most tech organisations. With the existence of bugs and security flaws being an inevitable reality for any software, these specially formed teams work round the clock to expose flaws in code before they can be discovered and subsequently exploited by malicious hackers trolling the web.

Pretty standard stuff, right? Not really.

Unlike coders, who work on fixing known issues rather than discovering new ones, red teams do not bog themselves down with finding fixes. Rather, their work sees them trying to stay ahead of the curve by finding ways to exploit software.

Stepping into the shoes of hackers, they carry out multi-layered attack simulations in a bid to probe the world's most used software, such as Microsoft Windows, Android, iOS etc., for vulnerabilities.

Though seemingly a core part of the setup of software security teams, red teams are a somewhat new phenomenon. Case in point: Microsoft Windows, an operating system that powers almost every laptop and desktop computer worldwide. As Wired explains, till about four years ago, Windows did not have a dedicated red team to protect itself against hackers.

The team came into existence after David Weston, who currently heads the red team, made his pitch for Microsoft to rethink how it handled the security of Windows operating systems.

Explaining the need behind a red team, he says: "Most of our hardening of the Windows operating system in previous generations was: Wait for a big attack to happen, or wait for someone to tell us about a new technique, and then spend some time trying to fix that... Obviously that's not ideal when the stakes are very high."

He further goes on to explain how he wanted to "go beyond Microsoft's historical mode of using bug bounties and community relationships to formulate a defence".

More than ethical hackers

So how do you outsmart the biggest hackers in the world? By bringing them over to your side.

The Microsoft red team includes former ethical hackers such as Jordan Rabet, who was noticed by David after the former impressively jailbroke the Nintendo 3DS in 2014. As the Wired story reveals, Rabet currently focuses on browser security but, more importantly, was one of the players in Microsoft's response to the Spectre vulnerability.

There are other members too, among them Jasika Bawa, an ethical hacker of Indian origin who helps transform the team's findings into actual product improvements: improvements that help protect us from data theft.

Last updated: June 13, 2018 | 20:44