Stagehand: S1 Origins
The only thing all billionaires have in common is that when they need something to not be done—they call the government, and when they need something done–they call people like me.
I’ve heard about the case. I knew the FBI was on it. But I’ve learned by now that the only thing all billionaires have in common is that when they need something to not be done—they call the government, and when they need something done–they call people like me. Lincoln Palmer said none of this, of course. He said almost nothing, as his attorney explained that there’s reason to believe that the kidnappers are specifically looking to steal data from Lincoln’s firm and that this kidnapped CISO was most likely taken for just that reason.
Who is them? I asked, knowing full well it was going to be…
The Chinese Government, his attorney said as he passed the file across the table. I thought about a similar file, passed across the table to me almost four years ago, by the man that funded this business. The file ultimately that started Stagehand.
I’d driven my 2006 Nissan with 230, 000 miles on it from my South Boston place to Nantucket for David (don’t call him Dave) Steele’s annual Fourth of July BBQ. David was a Harvard classmate and good friend that hit it big when the company he’d built from the ground up was acquired for $6BN by a financial services leviathan. I parked alongside the Porsches, Range Rovers and Bentleys crowded outside his charming beach mansion, and walked around the back entrance overlooking the beach. Over the years, I’d met members of David’s small billionaire club and as I looked out onto the partygoers, noting every familiar face, it took everything I had not to sink a knife into the necks of some of these colossally patronizing pricks. I was only 40 years old but I felt like the oldest man among them.
I was already thinking of an exit strategy when David intercepted me. It was the first time he’d ever greeted me without a hug. For an instant, I thought he was coming to tell me that this wasn’t a party for me and to go home, back with the other knuckle draggers. It took one look at David’s face to know that this was something else. He was reticent and nervous, and he couldn’t look me in the eye when he asked if I would join him inside the house.
It took everything I had not to sink a knife into the necks of some of these colossally patronizing pricks
David led me into his library that overlooked Nantucket Sound, where a former Republican candidate for President was tucked sheepishly into the red Chesterfield couch, his eyes bloodshot and his nerves wracked. I’d seen this man speak in front of millions of people and knew him to be a confident, shrewd leader. But this afternoon, he was a broken, despondent man. Mike Pennington, CEO and Chairman of Ex Nihilo Ventures informed me that his daughter had run away with a religious cult or was brainwashed by a sex cult that was actually a front for a human trafficking ring or something adjacent which I couldn’t quite figure out through his weeping. I sat across from the two men, their combined value more than most countrys’ GDPs, when Mike Pennington slid a file across the live edge walnut table that cost more than most people make in a year. On top of the file was a black cell phone.
“Sully, I’m sure you realize that I am a man with a tremendous amount of resources at my disposal. Nothing matters more to me than family. You need anything, cash, jets, helicopters, whatever… you just call me on this phone.”
I looked down at the file. The phone.
This man, who had so much power that his family drama could shift the global economy, was trusting me, a stranger, to get his daughter back home. Any port in a storm, I guess.
Of course, I knew that David had probably shared my specific set of skills with Mike. My time in the Marines. My time in black ops. My time in a small, elite, nameless unit in which I applied highly trained skills allowing me to track, locate and contain a target. This unit took its orders directly from the President.
The things I did for this country took my youth, my innocence, my body and most likely, my mind—the jury is still out. David didn’t mention this.
Once docked in Boston, I adjourned to JJ Foleys for a Guinness and to review the file on Pennington’s daughter. Sophia was on the fast track to Harvard. Like her father, she was a brilliant student and a stud athlete at an elite private school in Massachusetts. I scanned the stories in her school paper that chronologized both her scholastic and athletic successes and the photos of her smiling with friends and family in happier times. The file contained video stills that showed Sophia Pennington meeting an elderly woman at Logan Airport, then others of her getting on a direct flight to Dallas.
As I finished my pint, I made a quick call to a former Marines buddy who now worked as a TSA agent at Dallas Fort Worth Airport. He was able to obtain surveillance photos of Sophia and the elderly woman exiting the airport and getting into a white windowless van. Video from the parking garage pay booth gave me a grimy visual of a Texas license plate. I ran it through the databases I’d bought when I serviced my MIT classmates with similar situations. When I cross referenced the credit card on the dark web, I confirmed a match.
GRACE PERRON, AGE 68, LIVED AT 101 MESSIAH’S WAY LUCKENBACK TX.
I called Sophia Pennington’s father and told him what I needed. The following morning, a black suburban appeared in my driveway and I knew the jet I requested was ready to take me to Dallas.
By the time I arrived at the house Pennington provided, the large Pelican cases I had requested containing weapons, ammunition, communications gear, and specialized laptops were already there. So was my old teammate Dan, a former SEAL Team Six guy who skipped undergrad and went straight for a Ph.D. in computer science at MIT. Dan made good money as a cybersecurity pentester, but if you saw the way he looked at the assault rifles, you’d understand that Dan wasn’t here for the money.
Intel on Grace Perron revealed that she wasn’t the leader of a cult or the cover for a human trafficking ring. She was instead a grieving mother who’d lost her child a couple years back and found a willing follower and surrogate daughter in Sophia Pennington. We knew this meant that Grace had nothing to live for and if she learned we were taking Sophia away from her, she might do something desperate to Sophia or herself. Dan was able to hack into Sophia’s router, giving us access to Grace’s computer and online activity.
After a week of surveillance, it appeared that the two were never apart. We concluded Sophia had already sustained some level of psychological damage; waiting until she was alone would only exacerbate the situation. So, we chose our window for the job. Every day, around eleven thirty in the morning, Perron and Sophia went to the local convenience store for lottery tickets and cigarettes. Sophia always accompanied her so our hopes of simply hitting the house weren’t going to fly. The risks seemed minimal. Still, whether it’s a sixteen-year-old girl in nowhere, Texas or a CIA operative in Beirut’s Hezbollah territory, I’m always nervous until the action starts.
If you saw the way he looked at the assault rifles, you’d understand that Dan wasn’t here for the money.
Dan and I waited down the road until we saw Grace and Sophia drive past us in her white van. We held for a moment, then followed. As we drove and neared the action we’d been deprived of in our civilian lives, I could see the hint of a smile creeping across Dan’s face. A mile later, as Grace and Sophia slowed to stop at an intersection, we swiftly pulled alongside Perron’s van and rammed directly into her driver’s door. Dan and I moved quickly. He smashed out Perron’s driver’s side window before she’d realized what had hit her and as he secured her, I opened the unlocked passenger door and grabbed Sophia.
Dan had a MP5 shoved into Perron’s agape mouth, “you move and whatever remnants of a brain you have left will be splattered all over your windshield.”
I carried a shocked and terrified Sophia to our car. Once Dan saw she was secure, he returned to the driver’s seat, leaving Grace Perron catatonic but unharmed in her totaled white van. We needed to ditch our vehicle quickly because in a town where a tornado is the only major activity, an apparent kidnapping at gunpoint would surely cause a stir. As we drove to meet the helicopter, I looked over at Sophia and saw a very pissed off and traumatized teenager. I didn’t know what the hell she was running from but I definitely knew what she was feeling right now.
I phoned Pennington from the jet heading to Boston and told him he would be reunited with Sophia in two and half hours. I also told him that if he didn’t get her professional help, she’d be out the front door the next chance she got. I knew from experience that the mind has got to be reprogrammed or it will seek out the same experiences again and again. I don’t know if he got the message, but I knew we got the job done.
Months later, I was settling into my new home in Vermont, courtesy of Mike Pennington. He didn’t technically buy me the house but I could afford it after rescuing his daughter. The phone rang as I finished eating dinner. It was Mike Pennington
“Sully. Jack… I don’t know what to call you, but do you know who this is?”I said, “yes, sir, I do.”
And then he said, “I’ve been speaking with some friends of mine and we think that the type of service you and your team offer could be a lucrative business opportunity.”
I had considered this before but was surprised to hear someone else say it. I never had the capital to start an operation like this. Mike Pennington and his buddies however did not have this problem. With an initial seed funding of twelve million dollars, my team and I could build a business aimed at helping extremely wealthy and powerful people accomplish the impossible, discreetly.
And that’s exactly what we did. We started Stagehand.
I look at the file from Lincoln Palmer’s attorney. It’s just like the file I received from Mike Pennington and countless other clients who rely on me and my team to get things done. We’ve got to find a CISO that has access to Lincoln’s data before the Chinese Government gets it out of him. It’s not the same as taking out a terrorist cell, but it pays the bills.
I grab the file. We’ll get started right away.
Stagehand: S1 Episode 8
Carl Timmons was given 24 hours to decide what he wanted to do. This was a tactic. Twenty four hours to sit alone and think about all the money he could want and the price he’d pay for it. And 24 hours to also contemplate what Andre Savin might do to him before...
Stagehand: S1 Episode 7
Andre Savin and Lincoln Palmer had met on several occasions and had the type of relationship you’d expect between two men of their standings on the billionaire scale. Contemptuous but also understanding. They were both driven by the same desire—access to...
Stagehand: S1 Episode 6
Belfast, New York - 1889 They called him The Boston Strong Boy—arguably the first real boxing star and one of the highest paid athletes of his time. He’d always been good at school. He attended Boston College where his parents thought he might pursue...
What Is Zero Trust Anyway?
About three minutes into planning this post, I had one of those “god, I am old” moments. Here is why I had the moment. I have worked in cybersecurity since 1994. My first job was at a big 3 working for the U.S. government through one of the world’s...
Why Bots Are the Next Big Thing in Account Takeover Fraud
Account takeover fraud may sound like a familiar term in cybersecurity, yet its prevention methods in the e-commerce domain are still nuanced. Retailers are historically concerned with payment fraud systems related to chargebacks. This happens when a customer makes a...
Stagehand: S1 Episode 5
Kuwait, 1990 I’m launched out of a submarine a few miles off the coast of Kuwait City. When I swim to shore, I quickly change into my dry land clothes—a full burka. I was a six-foot-one Marine posing as a good Muslim woman. The catch, beneath the modest...
Ransomware: When Policy Matters Most
Most CISOs divide their approach to cyber defense into three pillars: people, technology, and processes. These pillars define a cybersecurity program’s defensive architecture and arsenal, available assets, and policies and procedures that together inform...
Selling to a CISO? Practice Empathy, Not Salesmanship
The cyber security marketplace is hot. Ask any candidate for a cybersecurity role. Better yet, ask any supplier to CISOs. The supplier audience is especially vast, and it’s continuing to grow. Just three years ago, there were estimated to be less than 2,000...
The Risk of Measuring Risk
Automated measuring of control effectiveness is a very good idea conceptually. When you can combine control gaps with relevant threat information, you get a very good picture about the actual technical cyber risks your business faces. If done correctly, it provides...
Stagehand: S1 Episode 4
Keith and I left the scene like we found it: the two kidnappers dead on the floor, their shotgun up against the wall, and the rope used to tie up Carl Timmons sprawled out on the floor. We tipped off local law enforcement and were gone before they arrived, leaving no...
SecOps Needs More Democratization, Not Less SOC
An increasing complexity of technologies, as well as an increasing number of failures and attacks followed by an increasing dependency on business goals is changing the way we run Security Operations Centers. I previously discussed the concept of a Fusion Center as an...
Measuring a Cyber Awareness Culture
Until recently, cyber awareness metrics have been treated by many as a tick-box exercise driven by regulations. The regulator requires x number of hours of cyber awareness training per employee per year, and once that is done, the organisation ticks a box and waits...
Good Enough Isn’t Good Enough Anymore
The cyber risks we face today are more than we faced previously but also fundamentally different in several respects. Our adversaries are more adept and their tools and tactics more protean in capability. In light of these increasing challenges, our cyber defenses...
Data Classification: Building, and Pitching, a Rock Solid Program
In our final installment, we are going to discuss how you roll all the concepts previously covered into a plan of action. The difference between the success and failure of a data classification program is a lack of action. I have reviewed over 10 programs in my...
Stagehand: S1 Episode 3
Cyprus ~ 2006 Ali Hassan was a low-level operative in Hezbollah, but we had it on solid authority that he knew where three high-level leaders of the terrorist organization were hiding. Keith arrived fifty-seven hours into Hassan’s interrogation and by the looks of it,...