Team PhishRSS Wins AFCEA’s EPIC Annual App Challenge

We already know there’s an app for that—whether it is to pay the bills, stream a favorite show, connect with friends, order dinner or monitor your heart rate and exercise. And now there’s an app to help strengthen social media privacy settings.

Answering the AFCEA International Emerging Professionals in Intelligence Committee (EPIC) annual app challenge, this year a team of Thomson Reuters Special Services (TRSS) data scientists won the $5,000 first place prize with its development of an approach to assess and address counterintelligence phishing risks related to users’ LinkedIn profiles.

The winning TRSS team, named PhishRSS, identified previous real-world targets of reconnaissance with public LinkedIn profiles whose jobs, experience and recommendations were collected through a custom-built LinkedIn engine. Combining analysis, keywords and relevant categories, the team developed a hierarchical detection and ranking algorithm modeled after the U.S. military’s Vietnam-era CARVER strategic prioritization framework or CARVER Matrix. CARVER, which stands for criticality, accessibility, recuperability, vulnerability, effect and recognizability, identifies and ranks specific targets for effective use of attack resources. 

Fellow TRSS employees joined the team’s effort and tested PhishRSS’s app on their own LinkedIn profiles, which shed valuable insight on diminished protections they thought they had. “Even if you think your privacy settings only include people you trust, there are ways around those hurdles—even on the clear web, such as premium account features, cached versions and open source tooling,” said Chris Smith, a data scientist at TRSS and the app challenge team lead.

Not only did the team assess and score the phishing risk of a set of LinkedIn profiles, but it managed to deduce an adversary’s goals based on the target set and create a ranked order of defensible attributes. The team's final EPIC App Challenge submission included automated extraction of data and features, risk modeling and proposed avenues for mitigating counterintelligence concerns.

“Foreign adversaries aren't only interested in developing relationships with people with government information. Intellectual property, trade secrets, keyholders to infrastructure and personnel, all should be protected,” said Hannah Lensing, an associate technical consultant and team member, who added that the EPIC App Challenge offered valuable lessons about identifying and addressing counterintelligence problems in real time.

With the number of challenges and resource constraints that government agencies and businesses alike face in developing better and safer technologies, the annual AFCEA EPIC App Challenge provides that much-needed spark to ignite innovation and keep development going, said Ray Cross, AFCEA’s vice president for Intelligence. “Apps are increasingly necessary, from operational success to day-to-day living, and we need to leverage the talent of innovators willing to develop and then share their successes so that we all may benefit,” Cross said. “It’s inspirational to watch them create, collaborate and then deliver.”

The 2021 EPIC App Challenge, sponsored by Microsoft Federal, gave companies six weeks to create an app and showcase their analysis, critical thinking and expertise to technical leaders and senior executives within the intelligence community. The 2021 EPIC Challenge broadened its aperture of acceptable solutions from submissions that focused exclusively on the development of software applications to address specific and relatively narrow national security technology challenges, to include not only custom software applications, but also demonstrations of security techniques and digital forensics.

The winning team announcement was made during the Intelligence & National Security Summit, an event co-hosted by AFCEA and the Intelligence and National Security Alliance. EPIC focuses on developing leaders, networking and giving back to the intelligence community (IC). The committee, comprising IC professionals ages 40 and younger from the public and private sectors, enhances AFCEA’s outreach and education to the community. It is an extension of the association’s longstanding Intelligence Committee.