
Meet the Red Team Helping Keep Windows Safe From Attacks and Exploits


bp9801

Keeping users safe on their computers is a major investment, as there are numerous threats that can expose data, compromise systems, or just cause a lot of havoc without much work. Companies will even have their own team of professionals who try to break into the systems and then create fixes so nothing malicious can get in. That also extends to Microsoft and the Windows platform, where a red team keeps it safe, because when Windows breaks, the vast majority of the world breaks with it. The Windows red team is fairly recent; before it existed, Microsoft would wait until an attack happened or a new technique was discovered before safeguarding against it. That changed when David Weston, Windows' principal security group manager, made it known that a change should happen in order to keep the company safer in the future.

Weston wanted to create a team to handle the safety of Windows instead of relying on bug hunts and community information to let the company know what needs attention. Instead of reacting to issues, it was time to go on the offensive. Some of the team were brought to Weston's attention when they posted jailbreak videos for the Nintendo 3DS or discovered the severity of issues after the EternalBlue hacking tool was leaked. Each of them spends their days launching attacks on Windows, seeing what works and what doesn't, and then developing ways to prevent others from doing the same. They'll develop a zero-day exploit and hand it to the defensive Windows team, obviously called the blue team, to see if they can stop it.

This is the first red team specifically for Windows; Microsoft had others, but those were more for unprotected systems and hardware. Windows needed one and Weston made sure it got one, with wins made by its red team helping not only Microsoft, but the entire industry. Some, like how it helped with Spectre, can't really be discussed, but there are phishing scams, such as the Strontium one by the Russian Fancy Bear group, and kernel exploits that have all been stopped or patched before becoming a problem. The speed of its red team is vital, as it means updates can roll out to Windows before anything major can happen. When a reactive approach is taken, things aren't so fortunate, but the offensive red team is who we have to thank for helping keep our PCs safe now and in the future.

Source: Wired


