// APPLIED RESEARCH // THREAT ANALYSIS // REGIONAL DEFENSE
The Illinois Cyber Foundation's dedicated research arm. We forge raw data into hardened intelligence, focusing on the risks and vulnerabilities impacting the Midwest's critical systems and infrastructure.
04
CVEs Disclosed
03
Active Focus Areas
22+
Field Contributors
100%
Community Funded
Regional Telemetry
// AGGREGATED SIGNAL VOLUME // INFRASTRUCTURE MONITORING
| Infrastructure Sector | Live Activity (72hr) | Threat | Variance | Condition |
|---|---|---|---|---|
| Municipal Gov |
|
+124% | CRITICAL | |
| Manufacturing (ICS) |
|
+12% | HIGH | |
| Education (K-12) |
|
+45% | SPIKING | |
| Healthcare |
|
+2% | ELEVATED | |
| Agriculture |
|
-8% | NORMAL |
*Data represents aggregated telemetry samples and is not intended for decision-making purposes.
Active Operations
// CURRENT RESEARCH PROJECTS // FIELD OPS
ALPR / Vehicle Tracking Research
Analyzing the ethical implications and potential for systemic misuse of automated vehicle tracking technologies in urban environments.
Project V.I.P.E.R
Securing the continuity of signals through a deep-field analysis of existing dissemination pathways within assigned radio frequency spectrums.
Open-Source SIGINT/Detection Framework
A custom appliance that sanitizes the local airspace by intercepting Remote ID telemetry, converting unmapped aerial and wireless threats into actionable tactical data.
Research Focus Areas
// CORE DISCIPLINES // OPERATIONAL VECTORS
Tradecraft Analysis
See a novel or interesting TTP used by a threat actor? Shoot us a note or join our community!
Software & Supply Chain Vulns
Investigating trust weaknesses and software bill of materials (SBOM) risks within the local supply chain.
RF Research
Exploring security protocols in cellular (5G/LTE), LoRaWAN, UHF/VHF, and satellite communications.
Regional Risk Foresight
Risk sharing specific to the Central Illinois business landscape.
Physical Security
Researching the intersection of electronic and hands-on where physical breaches lead to digital compromise.
Risk Simulation
Tabletop exercises teaching under-resourced organizations to understand threat actor tactics, make decisions under pressure, and prioritize security with limited budgets.
Group 1818 Comms Channel
// ENCRYPTED CHANNEL // REAL-TIME THREAT SHARING
Standard Operating Procedures
// DISCLOSURE PROTOCOLS // VENDOR ETHICS
Our mission is defense, not destruction. Group 1818 adheres to a strict Responsible Disclosure standard. We hold every vendor to this same rigorous standard.
Vulnerabilities identified through hands-on testing, technical exploration, and real-world investigation.
[ ACTIVE ]Rigorous internal lab testing to confirm the exploitability and impact of the finding.
[ REQUIRED ]Private outreach to the entity to establish a remediation timeline and fix validation.
[ PRIVATE ]Public disclosure post-patch or at 90 days, whichever comes first. No exceptions.
[ PUBLIC ]SUBMIT INTELLIGENCE
Do you have data relevant to regional defense or a vulnerability disclosure? Use our secure channels.
INITIATE CONTACTClosed Investigations
// ARCHIVED CASE FILES // PUBLIC DOMAIN
2025 Heartland Threat Assessment
Annual Security Roundup
Strategic Intelligence on the Convergence of Ransomware, AI Weaponization, and Supply Chain Risk in the Midwest
Read ReportSilence on the Wire: The Hidden Risks of Agentic AI Adoption in the Illinois Heartland
Artificial Intelligence - Agentic AI
Mitigating Unauthorized Function Execution and Supply Chain Fragility in Critical Sectors
Read ReportThe Silent Siege: Illinois Industrial & Agrarian Risk Landscape
OT/IoT Threat Analysis
Longitudinal Analysis of OT/IoT Vulnerabilities and Cybersecurity Threats to Illinois Agriculture and Manufacturing (2015-2025)
Read Report