cleansweep redteam report 5

Upload: marktapscott

Post on 05-Apr-2018


  • 7/31/2019 CleanSweep RedTeam Report 5

    1/18

    UNCLASSIFIED//OUO

    SANDIA REPORT SAND2011-xxxx Unclassified//OUO Printed August 2011

    CleanSweep Red Team Report

    Prepared for:

    Mr. Ed Hugler, Deputy Assistant Secretary for Operations, United States Department of Labor

    Frances Perkins Building, 200 Constitution Avenue, Washington, DC

    Prepared by:

    Scott Maruoka, Red Team Project Lead, Sandia National Laboratories, P.O. Box 5800 MS 0620

    Albuquerque, NM 87185-0620

    For additional Information, contact:

    Han Wei Lin, Project Manager, (505)

    @sandia.gov

    OFFICIAL USE ONLY

    May be exempt from public release under the

    Freedom of Information Act (5 U.S.C. 552), Exemption 5, Privileged Information.

    Department of Energy review required before public release

    William Atkins, Org. 05628, 29 AUG 2011

    Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000.

    CleanSweep UNCLASSIFIED//OUO Contents

    August 2011 UNCLASSIFIED//OUO Page 2

    Table of Contents

    Executive Summary 3
    Management Overview 5
    Introduction 5
    Objective 5
    Rules of Engagement 6
    Scope 6
    Red Team Composition 7
    Analysis Environment 7
    Methodology 7
    Threat Model 8
    Nightmare Consequences 11
    Boundaries and Constraints 12
    Results 12
    Attack Diagram Description 12
    Management Results Summary 16

    Executive Summary

    Over the course of the last four years, the Department of Labor (DOL) was approached by various regulatory authorities concerned that key economic data were potentially subject to unauthorized, premature release.

    The economic data in question are subject to an embargo process whereby DOL controls the timing of its release to media reporters and the general public. The objective for CleanSweep was to identify potential vulnerabilities in the DOL press lockup facility and associated data embargo and release procedures, provide mitigation options for vulnerabilities identified, and assist in mitigation verification should DOL decide to implement recommended mitigation options.

    CleanSweep customers included stakeholders from several organizations within DOL: Operations, the Office of Public Affairs (OPA), and the Bureau of Labor Statistics (BLS). Each of these entities has its own unique perspective regarding the nature of the perceived threat and, consequently, differing ideas on potential solutions. The common concern amongst these stakeholders revolves around the unauthorized, premature release of embargoed data.

    Likely adversaries in this scenario are profit driven, technically sophisticated individuals or organizations who may have considerable resources at their disposal. Their technical proficiency enables implementation of stealthy surveillance equipment. Although they are willing to bend and potentially violate rules and laws, violence is unlikely as an operational method.

    Although DOL, BLS, and OPA personnel are doing due diligence in their efforts to monitor the press lockup facility, their efforts are complicated by the presence of non-DOL IT equipment and communications lines in this facility. The opaque nature of this equipment to DOL, BLS, and OPA stakeholders is a major impediment to ensuring that embargoed data are not released prior to authorization.

    The presence of equipment owned by press organizations necessitates that access to areas housing DOL communications and data infrastructure is made available to employees and contractors working for these press organizations to conduct maintenance. This access, though controlled by DOL personnel escorting such outsiders, creates opportunities for adversaries to compromise critical DOL communications and data infrastructure.

    The following actions could mitigate against risks identified during CleanSweep:

    • Replace computers and other IT equipment in the press lockup facility with DOL owned equipment and remove the private data lines currently in use.

    • Prohibit anyone other than DOL personnel (or contractors working for DOL) from entering communications closets without a technically knowledgeable escort.

    • Provide/train technically knowledgeable escorts.

    • Modify existing policy to require personal items be kept in lockers outside of the press lockup facility. Divestment should be a prerequisite for entry.

    Although not directly addressed in the Sandia National Laboratories (SNL) Red Team analysis, the apparent root cause for the issues driving this assessment is the possible presence of algorithmic traders and/or their agents in the press lockup facility. Modifying DOL policy on what criteria qualifies applicants to attend release events would likely be of benefit.

    How to Use This Report

    This report documents Sandia National Laboratories' (Sandia's) Information Design Assurance Red Team (IDART) security analysis of the United States Department of Labor (DOL) press lockup facility. The first section, the Management Overview, is intended for members of DOL management and provides an overview of the activity without technical details. Readers interested in knowing at a high level the threats to DOL information systems, and how to protect against those threats, should examine the Attack Diagram Description presented in the results section of the Management Overview. Readers who want to know how the Red Team conducted its assessment should read the Management Overview in its entirety.

    It is worth noting that because Sandia's analysis revealed verified vulnerabilities in processes, procedures, and systems used to protect DOL embargoed data, the public version of Sandia's report to DOL (this document) is intentionally kept at a general level. Representatives from DOL have encouraged the release of this summary to the public.

    Management Overview

    The analysis described in this report, designated project CleanSweep, was conducted at the request of the United States Department of Labor (DOL). This section is organized around the simplified attack diagram (Figure 2. Press Lockup Facility Attack Diagram) developed by the Red Team, describing the most plausible attacks against data confidentiality in the press lockup facility. The descriptions of steps in each attack provide a high level view of the attack, an impact estimate for a successful attack, and the recommended mitigations to prevent that attack step. The following sections provide background for the attack diagram.

    Introduction

    Over the course of the last four years, the DOL was approached by various regulatory authorities (e.g. OIG, SEC, and FBI) concerned that key economic data were potentially subject to unauthorized, premature release. The economic data in question are subject to an embargo process whereby DOL controls the timing of its release to media reporters and the general public. The focus of DOL management concern is the physical, technical, and procedural controls which constitute this embargo process.

    Objective

    The primary objectives of CleanSweep were to identify potential vulnerabilities in DOL press lockup facilities and associated data embargo and release procedures, provide mitigation options for vulnerabilities identified, and assist in mitigation verification should DOL decide to implement recommended mitigation options.

    Sandia's IDART team executed the following assessment activities:

    1) Analysis of available security processes, procedures, rules, security equipment technical specifications, floor plans, and other artifacts relating to the press lockup facility and embargo process.

    2) Face to face engagement with key stakeholders in the embargo process to set common expectations for the assessment outcome, and finalize scope and the rules of engagement (ROE) for assessment activities.

    3) Inspection and evaluation of the physical attributes of the press lockup facility and surrounding areas within the Frances Perkins Building, the information technology equipment contained within the press lockup facility, associated communications infrastructure, and technical security equipment. IDART team members also conducted interviews with DOL personnel tasked with implementing and executing the embargo process.

    4) SNL technical specialists executed exterior and interior surveys of the radio frequency (RF) spectrum in the area of interest, and conducted another RF spectrum analysis during an information embargo/release event.

    Findings from these assessment activities were analyzed using the IDART methodology described throughout this document, and a subset of the results are recorded in this report.

    Rules of Engagement

    SNL IDART actions were limited to observation and assessment during CleanSweep; no attempts were made to actively exploit potential vulnerabilities. DOL agreed to provide access and support to SNL IDART team members during assessment activities. The ROE were developed by SNL IDART personnel in concert with DOL officials, and were formulated to ensure that Red Team assessment activities would not adversely impact DOL operations while concurrently providing results useful to DOL management for formulating risk based corrective measures, if needed.

    Of particular note is that IT systems (e.g., computers, monitors, I/O devices, routers, switches) within the press lockup facility are not owned by DOL. Each press agency with access to the facility owns and maintains its own equipment, including the communications lines to the outside world. The IDART team was therefore limited to visual examination (no physical contact) and observation (visual and passive RF) when the systems were used by press personnel during the July 8, 2011 press release.

    Scope

    Ideally, red teams would prefer to identify every weakness in a target system, explore and test all vulnerabilities, and produce a report providing a complete picture of the security posture for the target environment. In reality, project budget and schedule always place a limit on the scope of assessment activities.

    The IDART process adds further limits to project scope by specifying the threat model and associated adversaries and constraints. These limits are used as "reality checks" on red team courses of action and recommendations. For DOL, the threat model originally specified an adversarial upper limit of moderate capability, characterized by individuals or organizations seeking to profit from premature access to embargoed economic data. As explained by officials representing DOL, the DOL Office of Public Affairs (OPA), and Bureau of Labor Statistics (BLS), the scope of this assessment was limited to how such an adversary might exfiltrate embargoed economic data from the press lockup facility during a press release event.

    The IDART team concentrated on the following:

    • Physical attributes of the Press Lockup facility and surrounding areas within the Frances Perkins Building, 200 Constitution Avenue NW, Washington, DC.

    • Business processes associated with press embargo and release procedures as documented by policy and as observed during an actual press release event.

    • RF environment for the area of interest.

    • Computer and communications equipment in the press lockup facility.

    • Communications infrastructure for the press lockup facility.

    The IDART team specifically did not consider the following:

    • Threats and vulnerabilities associated with persons possibly acting as insiders at DOL.

    • Threats and vulnerabilities associated with DOL IT systems used in the acquisition of data and production of finished economic analysis.

    • Surveillance vulnerabilities at locations other than the press lockup facility but associated with the data embargo and release process.

    • The parallel television media embargo/release facility and its associated processes.

    Red Team Composition

    Sandia/IDART created a team whose members possess skills specifically applicable to addressing the various issues presented by this project. The team consisted of five (5) members with technical specialties including cyber security and threat assessment, adversary modeling, physical security design and threat assessment, electronic surveillance, and risk management.

    Analysis Environment

    The IDART team conducted preliminary analysis of information acquired during its assessment while at DOL, which was communicated to DOL stakeholders during an out briefing at the conclusion of assessment activities. Upon returning to Sandia, the IDART team and an IDART subject matter expert (who did not accompany the team to DOL) conducted further analysis to identify and then refine potential attack scenarios and appropriate mitigation strategies.

    Methodology

    For Project CleanSweep, the IDART team used a subset of the IDART methodology illustrated in Figure 1. This methodology follows the standard activities shown on the left of the figure by performing the work and developing the products shown on the right of the figure. IDART allows a red team to tailor a mature, repeatable assessment framework to the needs of a customer and to the budgetary and scheduling realities of a project. We accept that complete understanding of a highly complex system or environment is impractical for most projects, and we use the IDART process to generate meaningful assumptions and realistic, simplified representations for the target environment. This approach allows us to capture the principal features and generate custom viewpoints that are used to understand processes and interactions and to identify critical interfaces and components. Combining this understanding with domain expert knowledge, we can then identify system and subsystem vulnerabilities and predict their effect on both system components and the system as a whole.

    Note that the maturity of the target system/environment affects the applicability of the IDART process. Targets must have a reasonable level of maturity, be it in the operational or design phase, in order to support an IDART methodology assessment.


    Table 1: Generic Threat Matrix. Foregoing potentially loaded terms such as hacker or nation state actor, the Generic Threat Matrix provides a qualitative categorization of adversaries based upon attributes describing their capabilities in terms of technical and organizational capacity.

    This matrix provides qualitative values to key adversary attributes, enabling the red team to gauge the capability level and attack tools, techniques, and procedures (TTPs) such an adversary would bring to bear.

    Information provided by DOL officials and personnel and gleaned by the IDART team during their assessment activities indicates the following adversary threat profile for the press lockup facility and data embargo and release process:

    • Intensity: Medium. The threat is moderately determined to pursue its goal and is willing to accept some negative consequences resulting from that pursuit. Acceptable consequences may include imprisonment, but usually not the death of group members or innocent bystanders.

    • Stealth: Medium. The threat is moderately capable of maintaining a necessary level of secrecy in pursuit of its goal, but is not able to completely obscure details about the threat organization or its internal operations.

    • Time: Weeks to Months. The threat is capable of dedicating several months to planning, developing, and deploying methods to reach an objective.

    • Technical Personnel: Tens. The threat is capable of dedicating a small, independent group of individuals to provide the technical capability of building and deploying TTPs. There is full communication between the members of the group.

    • Cyber Knowledge: High. The threat is capable of using expert proficiency, both theoretical and practical, in pursuit of its goal. The threat is able to participate in information sharing and is capable of maintaining a training program, as well as a research and development program.

    • Access: Medium. The threat is able to plan and place a group member with indirect or limited access within a restricted system.

    The Kinetic Knowledge category was not used in this analysis, as such capability was not judged to be necessary to compromise the target environment.

    The sum of these attributes falls between levels five (5) and six (6) in the Generic Threat Matrix (Table 1), both within the medium range of threat actor. The team assessed that the adversary here lacked the high level of intensity because it is unlikely they would employ violent means to meet their goal of exfiltrating embargoed data prior to the official release time. This adversary has a high rating for cyber knowledge capability because of the highly technical nature of algorithmic trading.

    In summary, likely adversaries in this scenario are profit driven, technically sophisticated individuals or organizations who may have considerable resources at their disposal. Their technical proficiency enables implementation of stealthy surveillance equipment. Although they are willing to bend and potentially violate rules and laws, violence is unlikely as an operational method.

    Nightmare Consequences

    Nightmare consequences are worst case scenarios involving compromise or misuse of information and perhaps the systems which produce and/or store such. In the formal IDART methodology, these consequences are mission oriented: how will compromise of information and associated IT systems adversely impact the target organization's mission, its ability to do business? After nightmare consequences are identified, the red team attempts to find a way to achieve them within the limitations of the identified adversary's capabilities. Since CleanSweep activities were limited to assessment and observation, red team activities were necessarily limited to tabletop exercises.

    CleanSweep customers included stakeholders from DOL Operations, the DOL Office of Public Affairs (OPA), and the Bureau of Labor Statistics (BLS). Each of these entities had its own unique perspective regarding the nature of the perceived threat and, consequently, differing ideas on potential solutions. The common concern amongst these stakeholders revolved around the unauthorized, premature release of embargoed data.

    Nightmare Consequences for CleanSweep Stakeholders

    Stakeholder   Nightmare Consequence
    All           Data leak results in negative press, loss of reputation
    OPA           Algorithmic traders subvert press release process, supplant real journalists

    Attacks are rated in severity from critical, denoting a near certain likelihood of occurrence, to low, denoting an unlikely event. Figure 2 captures these metrics.

    Table 2: Attack step risk rankings. For each attack step we provide a statement of what was or could be done by an attacker.

    Rating      Definition
    Critical    An attack step that has a near certain risk of occurring in the future if it has not already happened
    Important   An attack step that is very likely to occur in the future and may already have taken place
    Moderate    An attack step that is likely to occur in the future and could already have taken place
    Low         An attack step that is unlikely to occur in the future and probably has not yet occurred

    Attacks

    Mitigation Options

    • Modify existing policy to require personal items be kept in lockers outside of the press lockup facility. Divestment should be a prerequisite for room entry. Cost: Low.

    • Metal detector at press lockup facility entry. Security checkpoints at building entrances are some distance away from the Lockup facility, and press personnel are not escorted between points. Cost: Medium.

    • Replace computers and other IT equipment in the press lockup facility with DOL owned equipment and remove the private data lines currently in use. Cost: High.

    • Remodel press lockup facility with RF shielding. Attenuating material blocks RF communications into or out of the facility. Cost: Medium.

    • Retain status quo. Cost: Nil.

    Attacks

    Mitigation Options

    • Limit the number of Black Boxes each press organization may use. Cost: Nil.

    • Mount Black Boxes to wall or on raised shelves so that the equipment is within plain view. Use uniform, color coded, DOL issued cables between Black Boxes and IT equipment. Cost: Low/Medium.

    • Adopt tamper evident decals for inventory tags. Cost: Low.

    • Replace computers and other IT equipment in the press lockup facility with DOL owned equipment and remove the private data lines currently in use. This would eliminate the need for the Black Boxes altogether. Cost: High.

    Management Results Summary

    The results of IDART's assessment are as follows:

    • Although DOL, BLS, and OPA personnel are doing due diligence in their efforts to monitor the press lockup facility, their efforts are complicated by the presence of non-DOL IT equipment and communications lines in this facility. The opaque nature of this equipment to DOL, BLS, and OPA stakeholders is a major impediment to ensuring that embargoed data is not released prior to authorization. Because DOL may not conduct technical inspection of this equipment or monitor data traffic for unauthorized activity, there is no way to ascertain with certainty that DOL data is not being exfiltrated without DOL authorization.

    • DOL communications and data infrastructure access to press organizations' maintenance contractors is an issue. This access, though controlled by DOL personnel escorting such maintenance personnel, creates opportunities for adversaries to compromise critical communications and data infrastructure.

    • The Black Box devices currently employed to control the release of embargoed data in the Press Lockup facility are simple and fairly robust. However, the current concept of operations governing their use makes compromising or circumventing this control mechanism a plausible occurrence. The cluttered nature of the facility, plethora of non-DOL equipment, and multiple instances of Black Boxes for some press organizations creates opportunities to mask activities designed to neutralize these control devices.

    As a result of the assessment activity, the IDART team made several recommendations to improve the security of DOL systems. The most important of these recommendations include the following:

    • Replace computers and other IT equipment in the press lockup facility with DOL owned equipment and remove the private data lines currently in use. This would eliminate the need for the Black Boxes altogether.

    • Prohibit anyone other than DOL personnel (or contractors working for DOL) from entering communications closets without a technically knowledgeable escort.

    • Provide/train technically knowledgeable escorts.

    • Modify existing policy to require personal items be kept in lockers outside of the press lockup facility. Divestment should be a prerequisite for room entry.

    Although not directly addressed in the IDART analysis, the apparent root cause for the issues driving this assessment is the possible presence of algorithmic traders and/or their agents in the press lockup facility. Modifying DOL policy on what criteria qualifies applicants to attend release events would likely be of benefit.
