The cyber kill chain describes how cyber attackers break into companies’ systems.
It contains 7 steps:
- Reconnaissance: Attackers collect information about the staff of the target company, e.g. email addresses, public info on social network platforms, etc. By using tools, attackers can scan websites or systems to find out which type and version is being used by the company.
- Weaponization: Attackers look for tools or design their own tools to execute the cyber attacks, e.g. backdoors, trojans, etc.
- Delivery: Attackers deliver weaponized packages to the victim via email, web, flash drive, etc.
- Exploitation: Attackers exploit a vulnerability to execute code on the victim's system.
- Installation: After the exploitation stage, malware will be installed on the victim’s system. This ensures attackers have long-term access and control of the victim’s system.
- Command & Control: This part is also called C2. It is a common channel for remote manipulation of the victim.
- Actions: Attackers take action to accomplish their original goals.
For various cyber attacks, the cyber kill chain can help the enterprise cybersecurity team study system breaches, understand them, and deal with them. By doing so, the team can successfully achieve its cybersecurity defense goals.
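One way a defense team might apply the seven steps when studying a breach, as an added example that is not part of the original article: the script maps alerts to kill chain steps and reports, per host, how far the intrusion progressed and which steps in between produced no alert. The alert records, host names, and the `summarize` function are constructed for illustration.

```python
from collections import defaultdict

# The seven steps listed above, in order.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command & Control", "Actions"]
RANK = {name: i for i, name in enumerate(PHASES)}
# Assumption of this example: Weaponization happens on the attacker's side,
# so a missing alert for it is not counted as a detection gap.
OFF_TARGET = {"Weaponization"}

# Constructed sample alerts (timestamp, host, step, description); not real data.
ALERTS = [
    ("2024-03-01T09:12:00", "ws-014", "Delivery", "mail gateway: macro attachment"),
    ("2024-03-01T09:40:00", "ws-014", "Installation", "EDR: new autorun entry"),
    ("2024-03-01T09:55:00", "ws-014", "Command & Control", "proxy: periodic beaconing"),
    ("2024-03-02T14:03:00", "srv-web1", "Reconnaissance", "WAF: version scanning"),
    ("2024-03-02T14:20:00", "srv-web1", "Delivery", "WAF: blocked upload"),
]

def summarize(alerts):
    """Per host: earliest and deepest step seen, and unobserved steps between."""
    by_host = defaultdict(list)
    for ts, host, phase, desc in alerts:
        if phase not in RANK:
            raise ValueError(f"unknown kill chain step: {phase!r}")
        by_host[host].append((ts, phase, desc))
    report = {}
    for host, events in by_host.items():
        events.sort()  # ISO 8601 timestamps sort chronologically as strings
        seen = {phase for _, phase, _ in events}
        earliest = min(seen, key=RANK.get)
        deepest = max(seen, key=RANK.get)
        # Steps the intrusion passed through without any alert: detection gaps.
        gaps = [p for p in PHASES[RANK[earliest]:RANK[deepest]]
                if p not in seen and p not in OFF_TARGET]
        report[host] = {"earliest": earliest, "deepest": deepest,
                        "gaps": gaps, "timeline": events}
    return report

if __name__ == "__main__":
    for host, r in summarize(ALERTS).items():
        print(f"{host}: deepest={r['deepest']}, undetected={r['gaps'] or 'none'}")
```

A host whose deepest step is Command & Control with a gap at Exploitation tells the team both how urgent containment is and where detection coverage needs work.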
TeamT5 is a leading brand in delivering Asia Pacific intelligence. We are established in Taiwan and harness our geographical & cultural strengths to assist enterprises and organizations in fortifying their cybersecurity defenses through our intelligence-focused offerings. This allows analysts to foresee potential threats & incidents and deliver action items for decision-makers to make accurate decisions and mitigate risks.
Learn more about our cybersecurity solution: https://teamt5.org/en/products/threatvision/