Over the past two years, a group at Sandia National Laboratories known informally as the Red Team has, at customer invitation, either successfully invaded or devised successful mock attacks on 35 out of 35 information systems at various sites, along with their associated security technologies.
Their work demonstrates that competent outsiders can hack into almost all networked computers as presently conformed no matter how well guarded, say spokespeople for the group, formally known as the Information Design Assurance Red Team or IDART.
Networked computers might include e-commerce, transmitted or Net-stored financial data (from credit cards, money-machine cards, and bank accounts), as well as medical data.
Sites investigated by Sandia's self-described "bad guys" include information systems from two very large corporations and several key government agencies, says team leader Ruth Duggan from the Red Team lab in a restricted area of Sandia, in Albuquerque, N.M, a Department of Energy national security laboratory.
"We found specific weaknesses in every system," Duggan says.
IDART was started in 1996 by Michael Skroch, now on assignment with DARPA (Defense Advanced Research Projects Agency). DARPA was one of the team's principal sponsors before Skroch was asked to join that organization as a program manager.