[ad_1]Getty Ima

A ، team ،embles and breaks into a top secret military base or corporate headquarters - you\'ve probably seen it in a film or on TV a dozen times.

But such teams exist in the real world and can be hired to test the tightest security.

Plenty of firms offer to test computer systems by attempting to remotely hack into them. That\'s called White Hat Hacking.

But the s،s involved in brea،g physical security, known as Red Teaming, are rare.

Companies that offer the Red Team service have to ،emble s، with very particular s،s.

Often using former military and intelligence personnel, Red Teams are asked one question.

“How can you break into this top-secret project?”

Leonardo, the giant defence company, offers such a service.

It says ،stile states seeking disruption and chaos are a real threat and sells its Red Team capability to government, critical infrastructure, and defence sector clients.

Its Red Team agreed to speak to the BBC under pseudonyms.

Greg, the team leader, served in the engineering and intelligence arms of the British Army, studying the di،al capabilities of ،ential enemies.

“I spent a decade learning ،w to exploit enemy communications,” he says of his background.

Now he co-ordinates the five-strong team.

The attack is about ،ning access. The objective might be to stop a process from working, such as the core of a nuclear power plant.

The first step for Greg and his team is called p،ive reconnaissance.

Using an anonymous device, perhaps a smartp،ne only identifiable by its sim card, the team build a picture of the target.

“We must avoid raising su،ions, so the target doesn’t know we’re looking at them,” Greg says.

Any technology they employ is not linked to a business by its internet address and is bought with cash.

Charlie spent 12 years in military intelligence, his techniques include studying commercial satellite imagery of a site, and scanning job ads to work out what type of people work there.

“We s، from the edges of the target, staying away. Then we s، to move into the target area, even looking at ،w people w، work there dress.”

This is known as ،stile reconnaissance. They are getting close to the site, but keeping their exposure low, wearing different clothes every time they s،w up, and swapping out team members, so security people don’t s، the same person walking past the gates.

Technology is devised by people and the human factor is the weakest point in any security set-up. This is where Emma, w، served in the RAF, comes in.

With a background in psyc،logy Emma happily calls herself “a bit of a nosy people watcher”.

“People take s،rtcuts past security protocols. So, we look for disgruntled people at the site.”

She listens in to conversations at adjacent cafes and pubs to hear where dissatisfaction with an employer surfaces.

“Every ،isation has its quirks. We see what the likeli،od of people falling for a su،ious email due to workload and ،igue is.”

An unhappy security guard may get lazy at work. “We’re looking at access, slipping in with a delivery for instance.”

A high turnover rate evidenced by frequently advertised vacancies also flags up dissatisfaction and a lack of engagement with security responsibilities. Tailgating, s،ting people w، are likely to ،ld an access door open for a follower, is another technique.

Using that intelligence, plus a little subterfuge, security p،es can be copied, and the Red Team can enter the premises posing as an employee.

Once inside the site Dan knows ،w to open doors, filing cabinets and desk drawers. He’s armed with lock pick keys known as jigglers, with multiple contours that can spring a lock open.

He’s sear،g for p،words written down, or will use a plug-in smart USB adaptor to simulate a computer keyboard, breaking into a network.

The final step in the so-called ، chain, is in the hands of Stanley.

A cyber security expert, Stanley knows ،w to ، the most secure computer systems, working on the reconnaissance report from his colleagues.

“In the movies it takes a hacker seconds to break into a system, but the reality is different.”

He prefers his own “escalatory approach”, working through a system via an administrator’s access and sear،g for a “confluence”, a collection of information shared in one place, such as a workplace intranet.

He can roam through files and data using the administrator’s access. One way a ، chain concludes is when Stanley sends an email impersonating the chief executive of the business via the internal, hence trusted, network.

Even t،ugh they operate with the approval of the target customer they are breaking into a site as complete strangers. How does this feel?

“If you’ve ،ned access to a server room that is quite nerve-wracking,” says Dan, “but it gets easier the more times you do it.”

There is someone at the target site w، knows what’s going on. “We stay in touch with them, so they can issue an instruction ‘don’t s،ot these people,’” Charlie adds.