Red Teams are groups of US troops, employees and contractors who test Defense Department networks for cyber vulnerabilities by assuming adversarial roles.
“Currently Red Teams lack the time and funding to develop new tools and capabilities. The manning models for the Service Red Teams vary widely and are not uniformly successful,” the DOT&E wrote in its fiscal year 2018 Annual Report.
“Reviews of the capabilities of several Red Teams in FY18 showed that the best teams were overscheduled and overwhelmed by workload,” the report added. The findings are based on data from more than 50 cybersecurity assessments with Combatant Commands (CCMDs) and Services. A CCMD is composed of forces from at least two military departments.
According to the report, the Army’s Threat Systems Management Office Red Team did not have sufficient time to “prepare the array of representative cyber-attacks attributed to the portrayed adversary,” resulting in what the DoD described as a “gap” between cyber Red Team capabilities and cyber threat groups.