Hooked by Phishers – a Poem taken largely from overheard conversations at the 2021 Information Security Symposium
By Dr. Andy Jones
The wargaming red teams and blue teams
Wish they could just shoulder surf each other's second monitors,
And then purple team it all the way to lunch,
Warmed up in their own kitchens to the sound of student guitarists.
Having hocked their tongs and forges,
All the blacksmiths have given up looking for work
That isn't metaphorical.
Stripped of their anvils, they eye no fires.
The avocet's rostrum curves backwards.
Seeking sleepy anemone in Biscayne Bay,
The backwards-beaked bird doesn't know that it is on the red team,
Always spear-fishing its prey, like Darwin filling his notebook.
They take naïve crustations as hostages,
Carving ransom notes in the brackish sediment.
Why are there so many birds in this poem?
Don't you remember? He has to write about the words in the chat.
Oh boy. This could take a while.
Don't blame me. I'm from Quebec.
The Canadian barrister walks our beaches,
Orchestrating alibis as the promised triple-digits
Burn off the marine layer's pea soup:
The pettifog is out of fog.
L'avocat Quebecois craves la soupe aux pois.
I was told there would be no Frenglish.
Orchestration of eavesdropping,
Van Eck is really curious about your CRT vacuum tube,
But he can only see so far in this land of anapests,
Preferring the concatenation of corporate spondees:
Proof Pounce, Force Point, Slip Rock, Bump Key, Lock Box –
Whatever you do, don't mock the conference sponsors.
Is this where I mention STIX and TAXII, with two I's, in the same sentence?
What is the blast radius of this gloaming defenestration soliloquy?
No one can deny that geopólitics begets cyberactivity.
Sigh. I miss everything, even my commute.
Swedish hackers approach IKEA like a smörgåsbord,
Returning to their post-shenanigan dark web homes
with a pickled herring feast of PII numbers and names: Johansson, Anderson, Karlson.
So many patronyms! Maybe the daughters can protect us,
Hardening the city's walls as if those villainous Vikings
Had not long since reached the data: Life's a breach.
Now the threat actors are measuring the drapes in Gripsholm Castle.
Remind me: Were the tailgaters piggybacking,
Or were the piggybacks tailgating?
Who authorized those interlopers,
And will any of this appear in today's Pub Quiz?
What good are notebooks?
I don't know, but I just overheard some scheming
By members of a white hat blockchain gang,
Hardened Start-up founders Googling potential business
domain names taken from those of conference participants.
More O's, one of them said, like Google or Goop!
More spondees, the other said, like Crowdstrike and Netskope. Careful!
They wanted me to settle the dispute:
Should they call their company Luten, the past participle of Lute;
Babcock, after the Vermont-born Civil War General and later Lighthouse Inspector;
Or Shriver, which has an air of mystery to it,
like a mononymic detective riding a custom bicycle.
In the end, they alighted on the obvious choice: CRYPTOJACK.
With a breakfast cereal name like that, what could go wrong?
Everyone wondered if Dr. Andy's Mad Libs poem,
This ransomware hydra, would ever end.
Tell me about it. I requested a haiku.
I heard he plans to recite all the conference TLAs
In iambic pentameter, rhymed in Dante's terza rima.
Thanks for that threat analysis, Bub, but what's a TLA?
A Three Letter Acronym. Duh. Is this your first conference?
One of the vendors taught me how to mute someone's Zoom mic,
Even if you aren't the host or the co-horse.
If he's the host, then we're the hostages.
Ha! That's a good one. OK, explain the MUTE trick.
Oh, it's easy. You just do this.