Saturday, July 23, 2016

Published: The Never Ending Campaign

This week we published one of the most contraversial papers that I believe has come out of Wapack Labs since we started. We called it the Never Ending Campaign paper because we examined the cyber threats to funding and the election during this VERY long Presidential election.

The paper details ideas of the complexity of American political landscape, and profiled the attack surfaces for any federal political operation. We discussed the difficulty of the assessment as campaigns adopt new marketing, social media, and fundraising methods. There are also different motivations for each cyber actor that may overlap.

We discussed exposures to the US financial services including the targeting of Personal Identifiable Information (PII), information of donors to the candidates, PACs, and national political committees. This is possible through the vendors hired by each campaign to managed and report donations. Exposure also includes the organizations involved in targeting the banks servicing the transactions for all of these organizations via business email compromise as well as those who have worked with the business or political assets belonging to each candidate.

Why controversial? This paper, even inside the team, created some of the most heated discussions, between authors, peer reviewers and editors. The paper early on started as a pile of information, but ended as a cohesive, no-kidding paper on practical items that companies can key in on to protect themselves from fraud schemes designed to leverage campaign fund raising. 

The paper is positioned free from political bias. My team performed well. The paper was published to the Red Sky Alliance and through the FS-ISAC on the 19th.


Other notes?

  • We introduced four new potential members to Red Sky Alliance this week. One financial, two maritimes, and a Defense Contractor.
  • We wrapped up our support to the Cleveland Police Department with over 85 intelligence reports written, and at least one preemptive action taken as a result of our reporting.  
  • I had the opportunity to speak at the Maritime Cyber conference at Johns Hopkins APL this week. Of course, I told the story of the key loggers in the Maritime space, and the idea that we're well over a million accounts in thousands and thousands of unique organizations around the world. 
More? There's tons but I'll hold for now. I'm preparing to have a great weekend --my 20th OCS reunion is tomorrow in VA Beach, and then off the grid in Maine for a couple of weeks. The timing is good.. I'm getting ready to cut the arms off my team like my daughter used to do with her Barbie dolls when she was having fits.

So I'm publishing this in absentia.. normally I'm up at 4AM writing my Saturday blog. Today however, it's Friday afternoon. My last meetings are in 20 minutes and again an hour after that, then.. off to Cancun Cantina for beer and cigars with buddy's and VA Beach tomorrow. My plan is to take next weekend off.

So, until the 12th of August? Have a great two weeks!