On Fri, Mar 20, 2015, at 03:50 AM, Max R.D. Parmer wrote:
Leidos, being a subsidiary of SAIC, makes me concerned this man might be working on contract to perform non-destructive entry of your facility. Newbish to not have a pretext, unless the pretext is being from Leidos, in which case maybe the intent is just to induce fear.
Is the door he was seen at shared with other parties? If so, having building management reach out to other tenants with a photograph of the man and the device would be a good way to enhance situational awareness around the building and to make any later attempt at whatever he was doing more difficult without explicit collaboration. Sharing these details and concerns may possibly aid in correlating the activity with authorized activities from the other tenants. If it's a single tenancy area, be sure to share these details with your management and co-workers if you haven't already.
Sorry, I should have mentioned that Leidos are in the same building as us. However, they are not on our floor and are seperated by a few floors, so he had zero business being on our level. We're considering getting building management to setup swipe access to our level.
Is the door, or any nearby door, secured via a prox-card system? If so, my first assumption is this might be an attempt to record RFID transactions.
Yes, you need RFID to get into our office space.
Does your business have wireless access points reachable from the device location? This may be targeting that traffic if so.
Yes. This was our main concern. Seeing the antennas made me immediately think that it was some sort of pentest into our wifi.
Naturally, several of these questions have potentially operationally sensitive answers and you shouldn't answer them here. Just some things to consider.
I think your business should: - share all information with other tenants/coworkers/building
Already done. I've shown the video to the other tenants on the same floor and they have all turned on the awareness.
management to increase situational awareness and potentially reveal the reason for this event.
Management were as suspicious as I was. Since Snowden, we (I work at FastMail) have upped our paranoia for obvious reasons as I would consider us to be in the same boat as the other targets.
- begin considering doing a TSCM sweep
This makes sense. Never considered it before.
- consider enlisting counsel to reach out to Leidos to get them to affirm or deny participation in this escapade
Yeah, that's why I was asking for info on the device. We wanted to know what it was so we knew how to approach them.
- consider contracting with a firm to provide heightened guarding
Yep. Considering our options. Thanks for your response. Alfie -- Alfie John alfiej@fastmail.fm