This week we published one of the most contraversial papers that I believe has come out of Wapack Labs since we started. We called it the Never Ending Campaign paper because we examined the cyber threats to funding and the election during this VERY long Presidential election.
The paper details ideas of the complexity of American political landscape, and profiled the attack surfaces for
any federal political operation. We discussed the difficulty of the assessment as campaigns adopt new marketing,
social media, and fundraising methods. There are also different motivations for
each cyber actor that may overlap.
We discussed exposures to the US
financial services including the targeting of Personal Identifiable
Information (PII), information of donors to the candidates, PACs, and national
political committees. This is possible through the vendors hired by each
campaign to managed and report donations. Exposure also includes the
organizations involved in targeting the banks servicing the transactions for
all of these organizations via business email compromise as well as those who
have worked with the business or political assets belonging to each candidate.
Why controversial? This paper, even inside the team, created some of the most heated discussions, between authors, peer reviewers and editors. The paper early on started as a pile of information, but ended as a cohesive, no-kidding paper on practical items that companies can key in on to protect themselves from fraud schemes designed to leverage campaign fund raising.
The paper is positioned free from political bias. My team performed well. The paper was published to the Red Sky Alliance and through the FS-ISAC on the 19th.
Other notes?
So I'm publishing this in absentia.. normally I'm up at 4AM writing my Saturday blog. Today however, it's Friday afternoon. My last meetings are in 20 minutes and again an hour after that, then.. off to Cancun Cantina for beer and cigars with buddy's and VA Beach tomorrow. My plan is to take next weekend off.
So, until the 12th of August? Have a great two weeks!
Jeff
++++++++++++++++++++++++++++++++++
Other notes?
- We introduced four new potential members to Red Sky Alliance this week. One financial, two maritimes, and a Defense Contractor.
- We wrapped up our support to the Cleveland Police Department with over 85 intelligence reports written, and at least one preemptive action taken as a result of our reporting.
- I had the opportunity to speak at the Maritime Cyber conference at Johns Hopkins APL this week. Of course, I told the story of the key loggers in the Maritime space, and the idea that we're well over a million accounts in thousands and thousands of unique organizations around the world.
So I'm publishing this in absentia.. normally I'm up at 4AM writing my Saturday blog. Today however, it's Friday afternoon. My last meetings are in 20 minutes and again an hour after that, then.. off to Cancun Cantina for beer and cigars with buddy's and VA Beach tomorrow. My plan is to take next weekend off.
So, until the 12th of August? Have a great two weeks!
Jeff
No comments:
Post a Comment