Chapter 45 — Hardening

He was back in the Threadline office by Friday morning, forty-eight hours after the Geneva meeting.

He called the full team together before anyone had settled into their normal rhythms. Priya had a customer call scheduled at nine that she rescheduled without being asked when she saw Marcus's face. Jin put down his coffee. Amir and Yuki were already there.

"There is a credible threat of a supply chain attack against our infrastructure," Marcus said. "I can't tell you the source of the intelligence. I can tell you it's credible and the timeline is weeks."

The room was quiet.

"What kind of attack?" Yuki said.

"A compromise of an upstream vendor or dependency — something we rely on that is also used broadly enough that the attack isn't obviously targeted at us. The objective is to corrupt our output data, not to steal it. They want to discredit the findings we've produced."

Yuki was already opening her laptop. "Dependency audit."

"That's the first step. I want a full dependency graph for every service we run — not just first-order dependencies, all the way down. Third-party libraries, cloud service providers, API vendors, authentication services, monitoring tools. Everything." He looked at her. "Prioritize by attack surface. Which dependencies have the most write access to our data pipeline?"

"I can have a preliminary graph in three hours," she said. "Full audit by end of day."

"Amir." He turned. "The supply chain intelligence product — the monitoring layer you built. Can it be adapted to monitor our own dependency infrastructure for anomalies?"

Amir looked at him with an expression that was half-professional assessment and half genuine interest in the problem. "The monitoring layer looks for behavioral anomalies in external data sources. The same logic applies to internal dependencies — if a library starts behaving differently than its baseline, or a service changes its response pattern, that's detectable." He paused. "I'd need to instrument the dependencies first. A week, maybe less."

"Start now. Treat it as top priority over the Reiss product work."

"Understood."

He looked at Jin. "The API layer — I want read-only access flags on every external data connection until the audit is complete. If a dependency needs write access to our pipeline, I want to approve it individually."

Jin nodded. "That'll break some of the automated ingestion jobs."

"Break them. We can run manual ingestion for two weeks. I'd rather have slower data than compromised data."

"Done by end of day."

He looked at Priya. "Customer communication. If we have any latency issues while we're hardening the infrastructure, I want proactive outreach before they notice it. Not a security disclosure — just a maintenance window notice."

"I'll draft it this morning."

He looked at the table. Everyone was already moving mentally, already engaging with their piece of the problem. He thought about the architecture of trust — how it changed the way a team responded to a crisis. Not scrambling. Orienting.

"One more thing," he said. "The equity refresh agreements. Marsh finished the paperwork yesterday. They're in your inboxes. Review them, ask me anything, sign when you're ready." He looked around the table. "We're about to go through something difficult. I want you to know the value of what you've built here before we go through it."

No one said anything. No one needed to.

---

The dependency audit took Yuki nine hours and produced a document that was, Marcus thought, the most important thing the company had generated in its existence. It mapped 847 discrete dependencies across Threadline's full infrastructure stack — libraries, services, vendors, authentication systems, monitoring tools — and ranked them by attack surface in a framework Yuki had designed herself.

The top twenty nodes accounted for approximately 80% of the total attack surface. Three of them had direct write access to the primary data pipeline. One of them was a widely-used open-source data validation library that was maintained by a team of three volunteers and had not had a security audit in eighteen months.

Marcus looked at the open-source library entry for a long time.

"This one," he said.

Yuki looked at the entry. "It has twelve thousand downstream users. An attack on it would affect a large enough population that we're not obviously targeted."

"Who maintains it?"

"Three people. The primary maintainer is a developer in Berlin. The other two are occasional contributors — one in Singapore, one whose location is obscured."

"The obscured location contributor — when did they join the project?"

Yuki checked. "Eight months ago. Three commits since joining, all minor."

Eight months ago. Marcus thought about Sorokin's timeline, about the Davies relay server that had been built eight months before Marcus joined the project, about an organization that planned ahead and played long games.

"I want the identity of the obscured contributor," he said. "Through public means only — GitHub activity, commit metadata, email headers if they're exposed."

"I'm on it," Yuki said.

He called Elaine while Yuki worked.

"The dependency audit identified a likely attack vector," he said. "An open-source data validation library with a suspicious contributor."

"Name the library."

He named it.

A pause. "We've seen this library appear in two other contexts in the past six months," Elaine said. "Different threat actors, same target profile — widely used, under-resourced maintainer, specific downstream targets among the users." A pause. "This is consistent with a supply chain operation that's been in preparation longer than Sorokin's timeline suggests."

"How much longer?"

"Possibly eight months."

"That's what I thought." He paused. "Can you pull the contributor identity from a signals source?"

"We can try. Give me the commit hash on the suspicious contributor's most recent commit."

He read it to her from Yuki's screen.

"Twenty-four hours," she said.

Yuki had a partial identity in six. The commit metadata contained an email address hash that cross-referenced against a developer profile on a secondary platform — not GitHub, a smaller code-sharing site that used different privacy defaults. The profile was sparse but not empty. It connected to a username that had been active on three professional forums, and the combination of forum posts, writing style, and timezone-consistent activity patterns placed the contributor with 74% confidence in a specific geographic region.

Eastern Europe. Specifically, consistent with Kyiv or nearby.

Marcus looked at this and thought about Sorokin's origins — Kyiv-born, educated in Moscow and Zurich. He thought about a network that recruited people with specific technical backgrounds from specific geographic pools.

He sent the analysis to Elaine with a one-line note: *74% confidence, Eastern European, Kyiv-consistent. Probable Varela technical asset.*

Her reply came back in eleven minutes: *Confirmed by signals source. Full identity being processed. Do not touch the library — we want the attack to proceed under controlled conditions.*

Marcus read the last sentence twice. *Do not touch the library — we want the attack to proceed.*

He understood the logic. A controlled attack on a prepared defender generated intelligence about the attacker's methods and timing. Disrupting the attack prematurely closed the window.

He also understood that "controlled conditions" meant accepting a period of vulnerability for Threadline's infrastructure while the working group ran their operation.

He thought about his team. He thought about customers whose compliance findings depended on Threadline's output integrity. He thought about the Monitor stories and Carla Reyes and the $180 million school construction investigation.

He called Elaine back.

"I'll leave the library in place," he said. "But I'm implementing a shadow validation layer — a parallel data integrity check that runs independently of the compromised library. If the attack modifies our output, the shadow layer will catch the modification and flag it without the attacker knowing the flag exists."

A pause. "That's within the controlled conditions framework."

"I thought it might be."

"Build it. And send me the architecture before you deploy."

"You'll have it by morning."

He worked until 2 AM on the shadow validation layer. It was elegant — not because the architecture was complex, but because it had to be invisible to work. A duplicate validation pipeline that ran on completely separate infrastructure, compared its results to the primary pipeline's outputs, and logged any discrepancy without surfacing the discrepancy in the primary pipeline's normal monitoring. If the attack came and modified the primary output, Threadline's customers would see what appeared to be normal results, the attacker would believe the corruption had succeeded, and Marcus would have a precise record of exactly what had been changed and when.

He sent the architecture to Elaine at 2:17 AM.

At 2:31 AM she replied: *Approved. Deploy when ready.*

At 2:47 AM the shadow layer was in production.

He went to bed.
