http://www.popularmechanics.com/technology/military_law/4270420.html By Glenn Derene Popular Mechanics June 30, 2008 When it comes to the U.S. government's computer security, we in the tech press have a habit of reporting only the bad news.for instance, last year's hacks into Oak Ridge and Los Alamos National Labs, a break-in to an e-mail server used by Defense Secretary Robert Gates ... the list goes on and on. Frankly that's because the good news is usually a bunch of nonevents: "Hackers deterred by diligent software patching at the Army Corps of Engineers." Not too exciting. So, in the world of IT security, it must seem that the villains outnumber the heroes - but there are some good-guy celebrities in the world of cyber security. In my years of reporting on the subject, I've often heard the National Security Agency's red team referred to with a sense of breathless awe by security pros. These guys are purported to be just about the stealthiest, most skilled firewall-crackers in the game. Recently, I called up the secretive government agency and asked if it could offer up a top red teamer for an interview, and, surprisingly, the answer came back, "Yes." What are red teams, you ask? They're sort of like the special forces units of the security industry -- highly skilled teams that clients pay to break into the clients' own networks. These guys find the security flaws so they can be patched before someone with more nefarious plans sneaks in. The NSA has made plenty of news in the past few years for warrantless wiretapping and massive data-mining enterprises of questionable legality, but one of the agency's primary functions is the protection of the military's secure computer networks, and that's where the red team comes in. In exchange for the interview, I agreed not to publish my source's name. When I asked what I should call him, the best option I was offered was: "An official within the National Security Agency's Vulnerability Analysis and Operations Group." So I'm just going to call him OWNSAVAOG for short. And I'll try not to reveal any identifying details about the man whom I interviewed, except to say that his disciplined, military demeanor shares little in common with the popular conception of the flippant geek-for-hire familiar to all too many movie fans (Dr. McKittrick in WarGames) and code geeks (n00b script-kiddie h4x0r in leetspeak). [...] _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.comReceived on Wed Jul 02 2008 - 01:08:01 PDT
This archive was generated by hypermail 2.2.0 : Wed Jul 02 2008 - 07:25:29 PDT