Meet the team paid to break into top-secret bases

Have you ever watched a movie where a team breaks into a secret military base or a corporate headquarters? It might seem like something only seen in films, but there are real-life teams that do this kind of work. These teams are known as Red Teams, and they are hired to test the security of important places. While many companies focus on testing computer systems through remote hacking, known as White Hat Hacking, Red Teams specialize in breaching physical security. The skills required for this type of work are quite rare, and companies that offer Red Team services often employ individuals with unique backgrounds, frequently including former military and intelligence personnel. The main question these teams are tasked with is, 'How can you break into this top-secret project? ' One prominent company that provides such services is Leonardo, a large defense contractor. They emphasize that there are real threats from hostile nations that seek to create chaos, and they market their Red Team capabilities to government agencies, critical infrastructure, and defense sector clients. Although there are other companies that offer Red Team services, the number is limited due to the specialized skills required. These firms tend to maintain a low profile and are often hesitant to engage with the media. However, members of Leonardo's Red Team agreed to share their experiences with the BBC, albeit under pseudonyms to protect their identities. Greg, the team leader, has a background in the engineering and intelligence branches of the British Army, where he focused on understanding the digital capabilities of potential adversaries. He states, 'I spent a decade learning how to exploit enemy communications. ' Now, he coordinates a team of five individuals. The primary objective of their operations is to gain access to a target, which could involve disrupting a critical process, such as the operations of a nuclear power plant. The first step in their approach is called passive reconnaissance. This involves gathering information about the target without raising any suspicions. Using an anonymous device, such as a smartphone that can only be identified by its SIM card, the team begins to build a profile of the target. Greg explains, 'We must avoid raising suspicions, so the target doesn’t know we’re looking at them. ' They ensure that any technology they use is not linked to a business through its internet address and is purchased with cash to maintain anonymity. Red Teams also pay close attention to the behavior of security personnel, looking for signs of demotivation. Charlie, another team member, has a background in military intelligence and employs various techniques, including analyzing commercial satellite imagery of the target site and scanning job advertisements to determine the types of individuals employed there. He explains, 'We start from the edges of the target, staying away. Then we start to move into the target area, even looking at how people who work there dress. ' This careful observation is known as hostile reconnaissance. The team aims to get closer to the site while minimizing their exposure, changing their clothing each time they visit and rotating team members to avoid detection by security personnel. They understand that technology is created by humans, and the human element is often the weakest link in any security system. This is where Emma, another team member with a background in the RAF, plays a crucial role. Emma describes herself as 'a bit of a nosy people watcher. ' She explains, 'People take shortcuts past security protocols. So, we look for disgruntled people at the site. ' By listening to conversations in nearby cafes and pubs, she gathers insights into employee dissatisfaction. 'Every organization has its quirks. We see what the likelihood of people falling for a suspicious email due to workload and fatigue is. ' An unhappy security guard may become lax in their duties, which could create an opportunity for the Red Team. They also look for signs of high turnover rates, which can indicate dissatisfaction and disengagement with security responsibilities. Another technique they employ is tailgating, where they identify individuals likely to hold an access door open for someone following behind. With this intelligence, along with a bit of deception, they can sometimes replicate security passes and enter the premises posing as employees.