The process of a cyber-killchain is much like the process of an everyday burglar. These burglars take multiple steps before they actually rob your home, car, or business. The killchain is the common steps that are used by these cyber-burglars. This being the case, it’s important for defenders to pay attention and use the steps as reference.
- Cyber-killchain allows defenders to dissect and quantify the various stages of an attack.
- Breaking any one path in the chain thwarts attackers and causes them to identify alternate means of attack.
- Information assets are the new target in the modern cyber war.
- There are seven phases of the killchain.
- Reconnaissance – Harvests info from their victims
- Weaponization – Find a backdoor to exploit
- Delivery – Send in the attack via email, web, USB, etc.
- Exploitation – Using the delivery to execute a code on victim’s system
- Installation – Installs a malware
- Persistence/Command and control – After installation has remote access to victims system
- Actions on objectives – When computers turn on, intruders accomplish their goal
- The best way to prevent hackers from taking your information is by following these steps. However, following these steps too close can cause you to miss attacks not categorized in the list of seven.