Cyber kill chain describes how cyber attackers break into companies’ systems.
It contains 7 steps -
- Reconnaissance: Attackers collect information about the staff from the target company e.g. email address, public info in social network platforms, etc. By using tools, attackers can scan websites or systems to find out which type and version is being used by the company.
- Weaponization: Attackers look for tools or design their own tools to execute the cyber attacks, e.g. backdoor, trojan, etc.
- Delivery: Attackers deliver weaponized packages to the victim via email, web, flash drive, etc.
- Exploitation: Attackers exploits a vulnerability to execute code on the victim's system.
- Installation: After the exploitation stage, malware will be installed on the victim’s system. This ensures attackers have long-term access and control of the victim’s system.
- Command & Control: This part is also called C2. It is a common channel for remote manipulation of the victim.
- Actions: Take action to accomplish their original goals.
For various cyber attacks,the cyber kill chain can help the enterprise cybersecurity team studying system breaches or knowing and dealing with them. By doing so, the team can successfully achieve their cybersecurity defense goals.
Learn more about our cybersecurity solution: https://teamt5.org/en/products/threatvision/
Products & Services
What is Cyber Threat Intelligence (CTI)? Why Does It Matter?
cyber threat intelligence, threat hunting