Read Time:1 Minute, 49 Second
National Security Agency (NSA) ethical hackers backed by the U.S. Department of Defense (DoD) are scheduled to infiltrate the networks of the top tech companies Amazon, Google, Microsoft and Oracle. The attack aims to better understand zero-trust cybersecurity in commercial cloud environments.
A red team is usually composed of cybersecurity professionals that act as hackers to test cybersecurity controls and identify the target company’s vulnerabilities so that they may improve further.
Red teams from the NSA, and possibly from the armed services, are scheduled to conduct a long-term series of attacks to determine the strength of zero-trust security systems on cloud services offered by Amazon, Google, Microsoft and Oracle.
According to Randy Resnick, chief of the Zero Trust Portfolio Management Office, the planned test “would be a realistic adversary attack to determine whether or not the red teams could get in and exploit data. That will give us a good feel on whether or not these zero trust overlays are implemented correctly.”
The four companies chosen to be part of the testing were the winners of the Joint Warfighting Cloud Capability (JWCC) contract following the failed Joint Enterprise Defense Infrastructure (JEDI) program. The $9 billion contract is sponsored by DoD.
The operation will provide DoD with vital information which could help them proceed with zero trust and will also offer the opportunity for cloud providers to better build the foundation of zero trust.
According to Colin Demarest, a reporter at C4ISRNET, “Unlike older cybersecurity models, zero trust assumes networks are always at risk or are already compromised. The new paradigm, as a result, is inherently distrustful and requires constant validation of users, devices and general access.”
Resnick added that the four companies stated that they can instate basic levels of zero trust and that the operation will be testing if these companies are already capable of resisting attacks with just the primary level. “To our satisfaction, at least on paper, they said that all of them could meet target-level zero trust and that many of them could approach almost the entirety, if not the entirety, of full zero trust, which we’re calling advanced,” he added.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
