SlideShare a Scribd company logo
1 of 12
Download to read offline
Lockheed Martin
The DatAvengers:
Jessica Morris, Zeyad Negash, Noelle Browne, Sarah Grandfield
Who is Lockheed Martin?
 American company with global presence
 Aerospace, defense, security, and advanced technologies
 World’s largest defense contractor
 Involved with many various government contracts
 In the US: CIA, FBI, NSA, ILS, The Pentagon, Census Bureau and Postal Service
 Security of the organization is EXTREMELY IMPORTANT
A Vested Interest in Keeping Spies Out
Telling Phone Calls
Suspicious Access Patterns
 Most users access a small set of IP addresses, at
an about equal amount.
 A handful of users access only one IP address or
one IP address disproportionately to the others
accessed.
 Although use of one IP is unusual, it does not
necessarily mean guilt alone.
 All users with a count of IPs above the median
were examined
Suspicious
Median count of IPs
Average count of IPs
Air Travel Patterns
Employee Termination
 Terminated employees are especially
suspicious
 Worth looking at crossover factors
between terminated employees
 Reasons for termination a factor
Reasons for Employee Termination
Terminated Employees With Single IP
Address Counts > 300
Factors for Investigation
 Check outgoing calls to North Korea, Peru, and Eritrea
 Cross reference with users who were fired or demoted that had suspicious IP
patterns
 Compare with air travel data
List of Potential Spies
Questions?

More Related Content

What's hot

Phishing technique tanish khilani
Phishing technique tanish  khilani Phishing technique tanish  khilani
Phishing technique tanish khilani Tanish Khilani
 
Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...IJECEIAES
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Tha security awareness training
Tha security awareness trainingTha security awareness training
Tha security awareness trainingRob Valdez
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
Suspected ‘black hole’ hacker arrested
Suspected ‘black hole’ hacker arrestedSuspected ‘black hole’ hacker arrested
Suspected ‘black hole’ hacker arrestedJohn Davis
 
ethical hacking report
 ethical hacking report ethical hacking report
ethical hacking reportAkhilesh Patel
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Malta Economic Update 06 2008 - isec interview
Malta Economic Update 06 2008 - isec interviewMalta Economic Update 06 2008 - isec interview
Malta Economic Update 06 2008 - isec interviewFabian Borg
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingmentAswani34
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 

What's hot (20)

Phishing technique tanish khilani
Phishing technique tanish  khilani Phishing technique tanish  khilani
Phishing technique tanish khilani
 
Cybercrime and IT ACT
Cybercrime and IT ACTCybercrime and IT ACT
Cybercrime and IT ACT
 
Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...
 
CYBER CRIME PPT
CYBER CRIME PPTCYBER CRIME PPT
CYBER CRIME PPT
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Report on Hacking
Report on HackingReport on Hacking
Report on Hacking
 
Tha security awareness training
Tha security awareness trainingTha security awareness training
Tha security awareness training
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Suspected ‘black hole’ hacker arrested
Suspected ‘black hole’ hacker arrestedSuspected ‘black hole’ hacker arrested
Suspected ‘black hole’ hacker arrested
 
ethical hacking report
 ethical hacking report ethical hacking report
ethical hacking report
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Malta Economic Update 06 2008 - isec interview
Malta Economic Update 06 2008 - isec interviewMalta Economic Update 06 2008 - isec interview
Malta Economic Update 06 2008 - isec interview
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingment
 
Information security
Information securityInformation security
Information security
 
V
VV
V
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - Kloudlearn
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & Pharming
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 

Viewers also liked

David Dubbs | The Beginners Guide to Internet Marketing
David Dubbs | The Beginners Guide to Internet MarketingDavid Dubbs | The Beginners Guide to Internet Marketing
David Dubbs | The Beginners Guide to Internet MarketingDavid Dubbs Internet Marketer
 
James Rawlson Habitat for Humanity
James Rawlson Habitat for HumanityJames Rawlson Habitat for Humanity
James Rawlson Habitat for HumanityJames Rawlson
 
AMIGO MGA: 8 things to know about Auto Insurance
AMIGO MGA: 8 things to know about Auto InsuranceAMIGO MGA: 8 things to know about Auto Insurance
AMIGO MGA: 8 things to know about Auto InsuranceAmigo MGA
 

Viewers also liked (8)

David Dubbs | The Beginners Guide to Internet Marketing
David Dubbs | The Beginners Guide to Internet MarketingDavid Dubbs | The Beginners Guide to Internet Marketing
David Dubbs | The Beginners Guide to Internet Marketing
 
costondorsey_resume_higher_ed
costondorsey_resume_higher_edcostondorsey_resume_higher_ed
costondorsey_resume_higher_ed
 
James Rawlson Habitat for Humanity
James Rawlson Habitat for HumanityJames Rawlson Habitat for Humanity
James Rawlson Habitat for Humanity
 
INFO491FinalPaper
INFO491FinalPaperINFO491FinalPaper
INFO491FinalPaper
 
Azure370
Azure370Azure370
Azure370
 
SystemProposal
SystemProposalSystemProposal
SystemProposal
 
AMIGO MGA: 8 things to know about Auto Insurance
AMIGO MGA: 8 things to know about Auto InsuranceAMIGO MGA: 8 things to know about Auto Insurance
AMIGO MGA: 8 things to know about Auto Insurance
 
costondorsey_resume_PM_BSA_IT
costondorsey_resume_PM_BSA_ITcostondorsey_resume_PM_BSA_IT
costondorsey_resume_PM_BSA_IT
 

Similar to LockheedPreview

Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
 
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?Diaspark
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trendsHadeel Sadiq Obaid
 
Learning from History
Learning from HistoryLearning from History
Learning from HistoryBrian Honan
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013Martin Jordan
 
Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityJohn Rhoton
 
Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond   2010 rotman telus - atlseccon2011Jonathan raymond   2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011Atlantic Security Conference
 
Government Data Breaches: An Inside Job? [Infographic]
Government Data Breaches: An Inside Job? [Infographic]Government Data Breaches: An Inside Job? [Infographic]
Government Data Breaches: An Inside Job? [Infographic]Chief Optimist
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
You Are the Target
You Are the TargetYou Are the Target
You Are the TargetEMC
 
ppt_deck_cybersecurity_for_Everyone.pptx
ppt_deck_cybersecurity_for_Everyone.pptxppt_deck_cybersecurity_for_Everyone.pptx
ppt_deck_cybersecurity_for_Everyone.pptxjmiham
 
Verizon's DBIR-A look into each industry
Verizon's DBIR-A look into each industryVerizon's DBIR-A look into each industry
Verizon's DBIR-A look into each industrySOCRadar Inc
 
Forrester no more chewy centers- the zero trust model
Forrester   no more chewy centers- the zero trust modelForrester   no more chewy centers- the zero trust model
Forrester no more chewy centers- the zero trust modelCristian Garcia G.
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Valerie Lanzone
 
Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threatsZscaler
 

Similar to LockheedPreview (20)

Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
 
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trends
 
Learning from History
Learning from HistoryLearning from History
Learning from History
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013
 
File000095
File000095File000095
File000095
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for Security
 
10 things you should know about cybersecurity
10 things you should know about cybersecurity10 things you should know about cybersecurity
10 things you should know about cybersecurity
 
Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond   2010 rotman telus - atlseccon2011Jonathan raymond   2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011
 
Government Data Breaches: An Inside Job? [Infographic]
Government Data Breaches: An Inside Job? [Infographic]Government Data Breaches: An Inside Job? [Infographic]
Government Data Breaches: An Inside Job? [Infographic]
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary Data
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Final Assignment.pptx
Final Assignment.pptxFinal Assignment.pptx
Final Assignment.pptx
 
You Are the Target
You Are the TargetYou Are the Target
You Are the Target
 
ppt_deck_cybersecurity_for_Everyone.pptx
ppt_deck_cybersecurity_for_Everyone.pptxppt_deck_cybersecurity_for_Everyone.pptx
ppt_deck_cybersecurity_for_Everyone.pptx
 
Verizon's DBIR-A look into each industry
Verizon's DBIR-A look into each industryVerizon's DBIR-A look into each industry
Verizon's DBIR-A look into each industry
 
Forrester no more chewy centers- the zero trust model
Forrester   no more chewy centers- the zero trust modelForrester   no more chewy centers- the zero trust model
Forrester no more chewy centers- the zero trust model
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?
 
Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threats
 

LockheedPreview

  • 1. Lockheed Martin The DatAvengers: Jessica Morris, Zeyad Negash, Noelle Browne, Sarah Grandfield
  • 2. Who is Lockheed Martin?  American company with global presence  Aerospace, defense, security, and advanced technologies  World’s largest defense contractor  Involved with many various government contracts  In the US: CIA, FBI, NSA, ILS, The Pentagon, Census Bureau and Postal Service  Security of the organization is EXTREMELY IMPORTANT
  • 3. A Vested Interest in Keeping Spies Out
  • 5. Suspicious Access Patterns  Most users access a small set of IP addresses, at an about equal amount.  A handful of users access only one IP address or one IP address disproportionately to the others accessed.  Although use of one IP is unusual, it does not necessarily mean guilt alone.  All users with a count of IPs above the median were examined Suspicious Median count of IPs Average count of IPs
  • 7. Employee Termination  Terminated employees are especially suspicious  Worth looking at crossover factors between terminated employees  Reasons for termination a factor
  • 8. Reasons for Employee Termination
  • 9. Terminated Employees With Single IP Address Counts > 300
  • 10. Factors for Investigation  Check outgoing calls to North Korea, Peru, and Eritrea  Cross reference with users who were fired or demoted that had suspicious IP patterns  Compare with air travel data

Editor's Notes

  1. Phone calls were deemed suspicious if they lasted for less than 10 minutes and were to or from a foreign country Countries WITH Lockheed locations were judged to have zero suspicious inbound or outbound phone calls Only suspicious phone calls are from/to countries WITHOUT Lockheed locations Most suspicious phone calls are from/to Central and South America Mexico is the country with the most suspicious calls