Wildlife Organization Tames Security Endpoints

As the network security engineer for the International Fund for Animal Welfare, Paul Ponte deals with security challenges that are almost as wild and wooly as the creatures his users deal with on a daily basis.

“Some of the places where we work and the people with whom we work introduce security risks that are kind of exotic,” he says.

As a controversial, international force in conservation—IFAW leads the fight against the milking of bear bile in China and the baby seal hunt in Canada. The organization finds itself in a number of crosshairs that wouldn’t normally be focused on a small non-profit, 375 people strong.

“We have encountered custom-made malware targeted at IFAW that has been delivered to us from host governments specifically for the purpose of spying, for sniffing network traffic,” Ponte says. “We’ve been mail-bombed by dozens of Japanese mail servers because of our anti-whaling stance at a time when we were doing some DNA analysis of some whale meat found in a Tokyo fishmonger’s shop.  It seems like whenever we get into any sort of semicontroversial stance, there’s always some special attention paid to us by one party or another.”

For example, when the Canadian seal hunt is on, Ponte’s team has noticed probing attacks against the laptops of users attending the watch observation mission on Prince Edward Island.

“They connect to a wireless network that was available at a free coffee shop style wireless network,  and suddenly a machine that might have had two security blocks in the previous month gets several hundred,” he says.