Stage One – Reconnaissance

Apr 29, 2024

The Cyber Kill Chain: An Overview

The Cyber Kill Chain framework was developed by Lockheed Martin to describe the typical stages of a cyber attack. It outlines the steps an attacker takes to compromise a target, from initial reconnaissance to final data exfiltration or system disruption. (1)

Here’s a handy image:

Cyber

(image source : https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html)

The seven stages of the Cyber Kill Chain are:

  1. Reconnaissance - The attacker gathers information about the target to identify vulnerabilities.
  2. Weaponization - The attacker creates malware or an exploit to be used in the attack.
  3. Delivery - The attacker delivers the malware or exploit to the target, often through methods like phishing.
  4. Exploitation - The attacker exploits a vulnerability to gain access to the target system.
  5. Installation - The attacker installs malware on the compromised system to maintain access.
  6. Command and Control - The attacker establishes control over the compromised system.
  7. Actions on Objectives - The attackers carry out their primary goal (e.g., data theft, system disruption).

Even together, these steps don’t seem daunting. But each one is full of details, and in aggregate they are a powerhouse.

Why know about these steps? The idea is that stopping an attack at one point either greatly hampers the rest of....

Author

Ross Moore
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023