Inside Google's Red Team: How Ethical Hackers Stay Ahead of Cyber Threats

In this episode, Tobias Bolzern talks to Daniel Fabian, a security expert at Google. Daniel explains the concept of red teaming, where a special team simulates attacks to find vulnerabilities before real attackers can exploit them. A typical day of red teaming involves extensive research, testing and repeated failures, with only 5-10% of attacks being successful. One example of an attack was the manipulation of USB plasma globes that posed as keyboards and installed malicious code on company computers. Daniel emphasises that ethical boundaries are observed, such as not accessing real user data or physical attacks. He also heads the AI Red team at Google, which investigates security vulnerabilities in AI systems, and explains how attacks such as training data poisoning and prompt injection work. Transparency is important to him, which is why Google shares its findings from AI security research with the community in order to find solutions together. At the end, Daniel gives valuable tips for young talents, in particular the importance of curiosity and an attacker mentality to recognise vulnerabilities.