A newly revised Army regulation prescribes the use of “red teams” that are assigned to try and penetrate the security of military communications, as if they were hackers or opposition forces.
“Red Team operations expose vulnerabilities by challenging an organization’s readiness and ability to protect information. Red Team activities focus on identifying an organization’s critical and classified information to show the operational impact of physical, information and operations security shortcomings,” the regulation explains. “To replicate a true adversary, certified Red Teams have the authority to access .mil networks from public domains through the use of remote operations.”
See “Communications Security Monitoring,” Army Regulation 380-53, December 23, 2011.
Among other changes to the previous edition of the regulation, the new revision “removes the requirement to obtain permission from the Assistant Secretary of Defense for Networks and Information Integration to conduct communications security monitoring in the National Capital Region.”