SANDIA RED TEAM HACKS ALL DEFENSES

July 28, 2000

FEATURES & COMMENTARY

Albuquerque, N.M. — Over the past two years, a group at Sandia National Laboratories known informally as the Red Team has, at customer invitation, either successfully invaded or devised successful mock attacks on 35 out of 35 information systems at various sites, along with their associated security technologies.

Their work – challenged only by a new style of defense, also developed at Sandia, called an “intelligent agent” – demonstrates that competent outsiders can hack into almost all networked computers as presently configured, no matter how well guarded, say spokespeople for the group, formally known as the Information Design Assurance Red Team or IDART.

Networked computers might include e-commerce, transmitted or Net-stored financial data (from credit cards, money-machine cards, and bank accounts), as well as medical data.

Sites investigated by Sandia’s self-described “bad guys” include information systems from two very large corporations and several key government agencies, says team leader Ruth Duggan from the Red Team lab in a restricted area of Sandia, a Department of Energy national security laboratory.

“We found specific weaknesses in every system,” Duggan says.

IDART was started in 1996 by Michael Skroch, now on assignment with DARPA (Defense Advanced Research Projects Agency). DARPA was one of the team’s principal sponsors before Skroch was asked to join that organization as a program manager.

The Red Team’s mode, says team member Ray Parks, is to “role-play the position of an adversary” – a point of view sometimes unexpectedly difficult for system designers to adopt.

In August, DARPA is sponsoring the Red Team to teach a short course to invited government agencies on how to design better information systems by understanding how to think like an attacker.

While the Sandia group’s actions are entirely legal, its adoption of an “outlaw” mindset combined with a willingness to do relatively deep analyses of ways an information system can be penetrated (whether through the Internet or by an insider) has helped test and develop concepts in security technology. Some of these concepts are so advanced they are not yet available in the marketplace.

The typical IDART group, which may consist of three to eight hackers, sometimes explains to clients in advance exactly how and when they will attack. System defenders have time to prepare specific, automatic, and even redundant defenses for their software, platforms, firewalls, and other system components. Yet results disconcert clients every time: their defenses are breached.

“Right now, information system defenders have a very difficult job,” says Duggan. “Our goal is to improve the security of information systems to make the attacker’s job difficult instead.” But the group has a long way to go. “Fortified positions do take us longer to break in,” she says, “but on the order of minutes, not hours.”

“In the past, I’ve been a system defender,” says longtime team member David Duggan. “It’s frankly nice to be on the winning team.” His guileless smile belies the chill of his words. “If I’m an intruder and I merge with background noise, how can you tell I’m there?”

The extraordinarily broad abilities of cyber attackers – from professional hackers to terrorists to state- and corporate-sponsored aggressors – to penetrate any system they desire can result in pilfered information, corrupted data, a change in the order of operations, or a flat denial of services. Any of these, to an individual, is an annoyance. To major corporations, they could result in billions of dollars misplaced or stolen, or in loss of reputation. In a medical or military emergency, an adversary who could intercept messages, corrupt data, and deny access to services could cause catastrophic damage.

To forestall such problems, the Red Team prefers to be called in on the design stage of a system, though it can attack a system already in place to ferret out weak points. “Our job is to understand how systems can be caused to fail, and then to help the customers improve the surety of their systems,” says Sam Varnado, Energy and Critical Infrastructure Center Director.

The group attacks from templates it creates of different types of hackers. The Red Team’s favorite adversary is the cyber terrorist, an adversary model principally developed by Brad Wood, who led the Red Team for two years. Says David Duggan, “We role-play cyberterrorists as people who go after low-hanging fruit in cyberspace, i.e., places people forget to defend. Why attack a firewall when a modem is wide open?” The group assumes cyberterrorists are risk-averse and don’t want to be caught. “The typical hacker, on the other hand, may not care about being caught after he’s done his deed, and maybe even wants the notoriety.”

The Red Team asks company executives about their “worst nightmares” to deduce the targets the company or agency most wants protected. The team assumes cyberterrorists can learn how the system is designed. The Red Team uses only “open-source” attacks – that is, attacks that are publicly available – announced in advance. It still breaks in. Then team members share data on their attack: places, times, and length of defense.

The point, say Red Team members, is not to keep score, but to keep good data. The group tries to demonstrate credibly how an adversary might attack, and then discuss with the customer what it did – a big difference between Sandia and “Red” teams from private companies that run the equivalent of simple computer programs used to test vehicles. Instead, “We find ways the systems can be used other than the way they were intended,” says David Duggan. “We may use their security against them,” says team member Julie Bouchard.

The problem in devising defenses is no one has adversaries sitting under a microscope with probes attached, waiting to be studied.

Another big problem, members of the group say, is that most software these days is written overseas or without validation. Trojan Horses that go off when the adversary chooses to trigger them could be placed in it. Asked why such events haven’t already happened, group members speculate it may be better for adversaries to keep US systems up, in order to extract data from them.

The Red Team participates in attacks that might range from a week to five months. The nature of the work can still raise hackles among defenders, who may sometimes fail to appreciate a friendly attacker. One group member tells clients to say to themselves, “The Red Team is my friend,” and repeat it twice more when tempers grow short.

Sandia does not release the names of IDART’s clients, but describes the IDART process at its web site, http://www.sandia.gov/idart/. A paper on its work, “New Paradigms in Network Security: Using Red Teams as a measure of systems assurance,” will be presented in Cork, Ireland, at the New Security Paradigms Workshop 2000, sponsored by the Association of Computing Machinery (ACM), Sept. 19-21.
