How elite security experts infiltrate top-secret facilities to expose physical and digital defence weaknesses
Imagine a crack team storming into a top-secret military base or corporate headquarters, and you could be reminded of scenes from your preferred action film or TV show. However, these kinds of teams do exist; their goal is to find and reveal security flaws. These are professional experts paid by businesses to evaluate the most robust defences; they are not spies or criminals. Their work is called Red Teaming, a specialised service that breaks physical security restrictions.
Although many companies offer to hack into computer systems, a technique known as White Hat Hacking, the knowledge needed to violate physical security is rarer. Red Teaming uses technology, psychology, and military-style tactics to expose real-world security flaws. Global defence contractor Leonardo offers this service to governments, critical infrastructure, and the military.
Here’s how one of Leonardo’s Red Teams works to respond to a fundamental question: “How can we break into this top-secret project?”
How Is a Red Team Assembled?
Five very talented members of the Red Team at Leonardo come from military and intelligence backgrounds, most usually. Each offers a different set of skills that helps the main goal—breaching the security of a target—undiscovered.
Serving in the engineering and intelligence arms of the British Army, Greg, the team leader, spent ten years learning how to exploit enemy communications. He now runs this elite squad.
Greg states, “I spent a decade learning how to exploit enemy communications,” to explain his background. “My current responsibility is team coordination to identify security system flaws.”
What Is Passive Reconnaissance?
Every mission starts with a passive survey, the first phase in which the Red Team acquires intelligence on their objective without generating suspicions. The purpose is straightforward: obtain a whole view of the target without drawing their attention to the team.
Greg and his colleagues create a thorough profile of their target using anonymous devices—smartphones unique only by their SIM cards.
“We must avoid creating suspicions; hence, the target doesn’t know we’re looking at them,” Greg says. “We have an excellent selection for every technology we employ. We ensure it’s all bought with cash and is not connected to any company or identifiable internet address.
Using technologies like commercial satellite images to grasp the site layout, the team stays in the shadows in this phase, far from the objective.
What Is Hostile Reconnaissance?
Once the first picture is set, the crew moves to hostile surveillance—closer to the target. Another team player, Charlie, is a master of this stage, having spent 12 years in military intelligence.
“We initially stayed away from the target and its margins. We then progressively approach, noting the behaviour of the employees there, Charlie explains. “Even something as simple as studying how employees dress can provide vital clues.”
Hostile reconnaissance mixes in with the surroundings; hence, the squad has to be careful not to be seen. Every time they return to the site, they dress differently and rotate team members to evade notice by any on-site security.
How Do Red Teams Exploit Human Weaknesses?
Though the human element is usually the weakest component of a security system, technology is the most powerful feature. Emma comes in here for that. Emma specialises in reading people and recognising their vulnerabilities, having studied psychology and spent years in the Royal Air Force (RAF).
People cut short routes past security systems. I come in here at that point, Emma adds, grinningly. “I watch people quite curiously. I am a bit nosy.”
She must listen to informal chats in bars or cafes close to the target spot, taking advantage of human flaws. She notes how staff members discuss their employment and search for indicators of discontent.
“Every company has quirks,” Emma says. I listen to unhappy staff members. A weary or disgruntled security guard may grow lazy on the job.
Job adverts for the same roles indicate high employee turnover rates, which point to a site perhaps having disengaged employees—those less inclined to observe rigorous security policies. Emma finds entrance points with this knowledge. One way in is as essential as tailgating, following an employee into a secure location without appropriate credentials.
Emma says, “We’re looking for those who might hold the door open for someone without questioning it.” “That’s all it requires.”
How Do Red Teams Gain Physical Access?
The Red Team should break through the physical obstacles when they have enough intelligence. Dan, an expert in physical security and lock-picking, oversees this step. Among his gadgets are jigglers and lock pick keys, which are many shapes that spring locks open.
“Once inside, it’s all about finding worthwhile material,” Dan explains. “We hunt passwords scribbled on sticky notes or use a plug-in smart USB device to mimic a keyboard and access a network.”
Access to safe areas—such as filing cabinets, desk drawers, or even computer systems—requires Dan to break through physical boundaries.
How Do Red Teams Penetrate Digital Security?
Once physical access has been attained, Stanley—the team’s cybersecurity specialist—should take control. Using the data acquired by the rest of the team, Stanley’s task is to access the most guarded computer systems.
“Hackers enter systems in seconds in movies. Stanley notes that it is far more difficult. “I prefer an ‘escalatory approach,’ working through an administrator’s access until I find a confluence—a collection of critical information.”
Stanley can wander the network freely once he has administrator access, accessing systems and private information. One way a mission finishes is when Stanley emails the chief executive, pretending to be the inside, trustworthy agent of the organisation.
“It is a methodical process,” Stanley says. “We gently negotiate the system; we do not rush in.”
What Is It Like to Red Team Under Pressure?
The Red Team suffers tremendous pressure even with their extraordinary degree of knowledge. After all, they invade a site as visitors; hence, there is always a chance of discovery.
Dan says, “If you have access to a server room, that is quite nerve-wracking.” Still, the more times you do it, the simpler it gets.
Their work feels legitimate even though the corporation they are breaking into hires them. The team keeps in touch with someone in the company who may instruct security staff: “Don’t shoot these people.” This guarantees safety.
“We always have someone at the target site who knows what’s going on,” Charlie says, smiling. Knowing that they can intervene if necessary gives one hope.
Why Is Red Teaming Important in Today's World?
Red teaming goes beyond mere break-through for the sake of it. It’s about revealing flaws in digital and physical security systems, enabling businesses to bolster their defences. As Greg notes, “The threats we face today are more complex than they were years ago. Other players and hostile states are always looking for means of disturbance and chaos creation. Our work is to keep ahead of them.
Red teams offer a vital service in a society growing more vulnerable and linked by the day. They enable companies to guard their most sensitive data by modelling actual threats. For these experts, every expedition is a fresh riddle to solve, a task to overcome, and a means of ensuring that the planet stays less dangerous.
