CYBERSECURITY - Hunt. Attribute. Defend & Disrupt.

 

2023-11-15
CYBERSECURITY - Hunt. Attribute. Defend & Disrupt.

BY JAMES CARELESS

 

Hunt. Attribute. Defend & Disrupt.

Sapper Labs Group provides advanced intelligence and active cyber defence solutions in a dangerous world

 

The cyber battlefield is becoming increasingly important in the 21st century, with China, North Korea, Russia, and other hostile players confronting the West with serious threats to western democracies.

This is why Canada needs a credible intelligence and cyber defence capability to protect our national security. In cyberspace, adversaries are able to engage in persistent attacks on Canadian institutions, infrastructures and enterprises across cyber and information domains using sophisticated tool sets. We must be prepared to defend against these attacks now and into the future.

Based in Ottawa, Sapper Labs Group is a veteran-owned, expert team focused on providing intelligence and cyber defence products, services and training to its clients. “Drawing on our deep roots in the cyber defence and intelligence professions, we serve as a force multiplier for intelligence and active cyber defence, augmenting human capability with specialised products, expert systems and advanced automation,” said Sapper Labs CEO and Co-Founder, Al Dillon. 

Right here, right now, Sapper Labs is offering the Canadian government and our industries the cyber and intelligence support they need from a distinctly Canadian point of view. “The trouble with Canada's source of intelligence at present is that it largely comes from offshore sharing,” Dillon said. “Canada needs and deserves a uniquely Canadian perspective and capability focused on its own interests. Collaborating with the Fives Eyes defence organization and other nations is necessary, but we need to bring our own distinct voice and capabilities to those tables.”

 

COMPANY SNAPSHOT The Sapper Labs Team (left to right) Eamonn Garry, Nikeita MacMaster, Brock Lupton, Al Dillon, Shaun Covell and David McMahon

 In 2006, the original Sapper Labs Inc. was founded to fundamentally transform how government and industry approached national security and defence in the physical, cyber and information domains. To make this happen, “we created a company of the best, most highly skilled, individuals from across all areas of the industry," said Shaun Covell, Sapper Labs’ Co-Founder and CTO. Since that time, Sapper Labs has gained special insights and capabilities in cyber threat detection, operations and defence, while working alongside or embedded with military, policing, special operations organizations, and agencies in Canada and around the world. 

Over the past three years, Sapper Labs Group was formed through the merging of Sapper Labs Inc., Dark River Systems, and Sapper Labs Cyber Solutions. “We are experienced national security collaborators, veterans and innovators that share a common passion and expertise to enhance cooperation across government, industry and with specific academic experts to achieve meaningful policy, doctrine, operational tools and mission support against advanced adversaries,” Dillon told CDR. “To succeed, Sapper Labs believes that the protection of national security in a data-driven world must be a team sport.” 

Dark River Systems added vital capability to the team. Its ‘Hunchly’ online investigation tool automatically collects, documents, and annotates every web page that analysts visit to ensure complete documentation and recall. “Sapper and I had always talked at length about joining forces; we worked side by side, and we always had a shared vision for intelligence and cybersecurity,” said Justin Seitz, Dark River Systems’ Co-Founder and Chief Innovation Officer. “The team is much larger now, more diverse, and has more capability than when I first met Shaun all those years ago, but the core values have remained the same.” 

Today, Sapper Labs Group has a clear, well-defined mission: To directly support operational effects in the cyber, intelligence and information domains for government, defence, intelligence, security agencies and infrastructure operators. In doing so, the company aims to protect warfighters, tactical, operational and strategic Command, Control, Computers, Communications, Cyber, Intelligence, Surveillance, and Reconnaissance (C5ISR) systems, operational technologies (OT), platform technologies (PT), and critical infrastructure from the planet's most sophisticated adversaries in the cyber and information domains. Dillon adds, “we produce tailored intelligence reporting and provide direct operational support anywhere on Earth.” 

 

UNDERSTANDING THE THREATS 

Nations and organizations all over the world are struggling with the pace of innovation and its impact on national security and trust. Cyber attacks occur on a daily basis from all over the world, with Canada being among the targets. These attacks are below the threshold of armed conflict, yet they represent massive threats to our way of life. 

“Physical, cyber and information domains are converging, causing us to rethink institutional levels-of-war and the intelligence enterprise,” Dillon said. “At the same time, the environment has become fertile ground for adversaries and malicious actors to operate with impunity through cyber-cognitive attacks, disinformation, interference and influence. In particular, Russia and China continue to compete against Canada in cyber and information domains at the threshold-of-armed-combat in a renewed great power struggle, often using proxies and unconventional warfare tactics.” 

In this era of strategic competition, the war on truth will be the greatest challenge of our lifetime, he added. “Defending the truth requires deep knowledge of adversarial capabilities, tradecraft and intent that is gained principally through global cyber threat, social media and open-source intelligence. This is why the combination of intelligence and active cyber defence are critical to precise targeting of bad actors, the application of effective countermeasures and achieving outcomes in both cyber and information domains simultaneously.” 

To help its clients maximize their cyber defences, Sapper Labs has created a wide range of innovative cyber products and solutions. Here is what they have to offer:

 

INTELLIGENCE-AS-A-SERVICE Sapper Labs has a dedicated team of experts that perform active and defensive cyber operations for critical infrastructure, platforms, tactical networks and enterprise networks

Need accurate, reliable intelligence and don’t have the capability, resources, or time to collect it yourself? Sapper Labs can help. Their experts compile and produce tailored intelligence reports derived from a wide spectrum of open and commercial sources, designed to address their clients’ specific requirements. 

“We use Big Data science, machine learning, artificial intelligence and experienced human analysts to make sense of the environment and deliver intelligence that is unique, relevant, timely, accurate and actionable,” said Dillon. “We curate, process, assess and fuse these data feeds as required for the mission. Expert content management indexes data, validates sources and verifies the veracity of information while protecting privacy.” 

The Sapper Labs team can prepare end-intelligence products in direct support of missions at tactical, operational, and strategic levels. Such regional, thematic, and technical studies include detailed and comprehensive intelligence estimates, tailored cyber intelligence reporting, and analysis of a geographical area of interest, and insights into pacing threats such as China vis-à-vis the West. “Our analytical team also provides foresight, thought leadership, contextualization and evidence-based decision support,” Dillon told CDR.

 

ACTIVE CYBER DEFENCE 

Hunt, attribute, defend and disrupt adversary activity on Canadian infrastructure and enterprises: That’s the Sapper Labs’ approach to active cyber defence. 

It’s an approach that works: For more than 20 years, Sapper Labs’ efforts have earned the trust of operators and commanders in direct engagement with the Canadian Armed Forces (CAF) on missions. 

To make this happen, Sapper Labs has a dedicated team of experts that perform active and defensive cyber operations for critical infrastructure, platforms, tactical networks and enterprise networks. The company has developed an active cyber defence capability that leverages their advanced intelligence and augments human cyber operators with specialised automation capable of protecting warfighters, their equipment, operational platforms and technology in the performance of their missions.

  

 ‘CLOAK’ Al Dillon speaks at DEFSEC Atlantic during the cyber pane

Secrecy is at the core of effective intelligence operations. Privacy is important to citizens. Mindful of this, Sapper Labs has built ‘Cloak’. As the name suggests, it is a secure and private cloaked analytical environment for managed attribution, collection, source management and persistent engagement that enables analysts to covertly interrogate, investigate and illuminate adversary activities at the push of a button. Cloak also provides optional on-demand, secure, anonymized, ingress and egress to the workspace. 

“Cloak is a simple integration that allows any intel, cyber, investigative operator or analyst to launch a one-click investigative environment from any cyber security, Open-Source Intelligence system or Darkweb/Darkspace infrastructure,” said Dillon.

 

‘HUNCHLY’

As mentioned earlier in this article, Hunchly automatically collects, documents and annotates every web page an investigator visits, eliminating the need to take screenshots. As such, “Hunchly is a de facto global standard for online investigations,” Dillon said.

 

‘DAGGER’  

Dagger is an expert intelligence system. It uses artificial intelligence (AI) and machine learning (ML) to provide investigative recommendations based on Subject Matter Experts, training materials, existing knowledge bases and live investigative data being streamed into the system. “The system represents the Valhalla of intelligence capability in Sapper Labs” says Justin Seitz. “Dagger will ultimately help humans make more informed decisions with unique insights that are gathered in a fraction of the time.” 

Canada’s adversaries are driven by power and money. Sapper Labs is actively developing new financial intelligence products focusing on streamlining current processes for antiquated background checks and validation of organizations, individuals and their investors. “Leveraging our core intelligence platform, Sapper Labs will provide unparalleled insights to boardrooms, regulators and investigators, using automated, high-quality financial intelligence insights provided to the market in a fraction of the time,” said Dillon.

          

 INNOVATION IN NATIONAL SECURITY Al Dillon speaks with Minister Filomena Tassi and Christyn Cianfarani, CEO of CADSI, at CANSEC 2022

In its continuing mission to enhance client cybersecurity and defence, Sapper Labs regularly engages in government and industry collaborations. 

A case in point: Sapper Labs joined ONE9's Capability Labs in Nov 2022 to accelerate defence and security innovation in Canada. (ONE9 is a venture capital firm.) “Sapper now has a physical presence in ONE9's location in Ottawa and we are able to benefit from, and collaborate with, many like-minded companies in the ONE9 ecosystem,” Dillon said. “This collaboration is a force multiplier in developing new operational technologies for DND, Government of Canada, and critical infrastructure operators, along with the open market.” Sapper Labs is also working with many other Canadian security companies like Field Effect and multinationals like Amazon Web Services to spur innovations to protect Canada’s networks and interests. 

Sapper Labs is also a proud participant in DND’s Innovation for Defence Excellence and Security (IDEaS) program. Under IDEaS, the company was the first company to be awarded an innovation contract valued at more than $7.4M for its “Cyber Attribution of Sophisticated Threat Actors in the Defence of Canada” project. The project was a great success, particularly in its open collaboration with DND to arrive at the advanced capabilities.   

In partnership with and embedded with military operational units, Sapper Labs has delivered an advanced, innovative and effective cyber attribution, cyber defence, cognitive warfare, intelligence and targeting solution to the CAF. A significant outcome of this project was the development of a human-led, technology-accelerated, intelligence-powered and targeting-driven process. As a result, the CAF’s cyber defences were significantly enhanced through application of deep intelligence and automation to augment operator capability. 

“The project also demonstrated that attribution and targeting in cyber and cognitive domains are uniquely accelerated by Open-Source and Commercial Intelligence (OSINT/CSINT),” said Dillon. “Finally, Sapper Labs is innovating in platform protection and collaborating with the world's best technical companies to build cyber protection and intelligence systems for Canada's platforms in the Navy, Army and Air Force.”

 

COMMITTED TO CANADA 

Since its founding in 2006, Sapper Labs has been committed to protecting Canadian national security in all the domains that its solutions and services touch upon. 

“It's difficult to capture the passion we share for good in this world by simple words,” Dillon said. “As veterans of military and national security, we swore an oath to the Queen and Country many years ago and we are so very fortunate to have assembled such a capable team to help protect Canadians and our friends in a challenging time of human evolution." 

"When the four original Sapper Labs Inc founders set out to establish a company it was for the simple purpose of keeping like-minded friends working together in the field of cyber/IT security and digital forensics,” added Covell. “The level of professionalism, talent, dedication, diversity and compassion that each and every individual brings to the table is exceptional. It is a pleasure and an honour to work with these amazingly talented Canadians and to tackle some of the most rewarding and challenging problems found in cyberspace today." 

Certainly, there is no lack of difficult cyber defence and intelligence problems for Sapper Labs to address on behalf of its government and industry clients. Thankfully, the experts at this company relish the challenges of cyber defence and are happy to take up virtual arms in defence of their clients and Canada as a whole. 

"The world of data and the surveillance capital culture is moving too fast for operators to keep ahead of intelligent attacks, disinformation and other threats,” Dillon told CDR. “That’s where we come in: Sapper Labs believes in a vision of striving toward a software-fights-software model that keeps humans in the loop and augments that human capability through automation, AI and ML in the cyber defence and cognitive warfare domains. We are able to perform tasks that would take hundreds of hours in minutes with our advanced toolsets." 

"I have no doubt that we are going to help do some real damage in the intelligence and cybersecurity fight," concluded Seitz. 

 

James Careless is CDR’s Ottawa Bureau Chief

 

 

Comments (0)

Name*:
E-mail*:
Security code* (enter digits in the frame)
Security code