“You can’t buy the Cyber Kill Chain®, but you can buy into it.” – Justin Lachesky
In a recent webcast, Justin Lachesky, Lead Analyst & Manager, Security Intelligence at Lockheed Martin, and Jon Heimerl, Senior Security Strategist at Solutionary, discussed tactical and strategic approaches of using the Cyber Kill Chain® to effectively respond to cyber-threats.
After reviewing key findings from the NTT Group’s 2016 Global Threat Intelligence Report, Heimerl introduced an incident response case study (minute 10:18 of the recording below) in which the team effectively leveraged the Cyber Kill Chain® analytic framework to better understand each phase of the attack and gain a comprehensive picture of the adversary’s tactics, techniques and procedures. The mid-size financial client, code named Peaceful Panda Financial Corporation (PPFC), did not know they were breached until day 65 of the attack.
Lachesky jumps in at minute 13:10 of the recording to walk us through the seven successful steps the adversary took before posting sensitive PPFC data to a PasteBin site.