Understanding the stages of a cyber attack

The “kill chain”, typically used in military terms lays out the stages of a cyber attack.

It starts with early reconnaissance to completing the attack with the goal of data theft and enabling more attacks.

These stages in cyber attack are:

1. Reconnaissance – The intruder selects a target device, researches it, and searches for vulnerabilities

2. Weaponization – Intruder uses a remote access malware weapon, such as a virus or worm, addressing a vulnerability

3. Delivery – Intruder transmits weapon to the target device, whether through e-mail attachments, websites, USB drives, etc.

4. Exploitation – Malware weapons program code to triggers the attack. This then takes action on target network to exploit vulnerability.

5. Installation – Malware weapon installs access points for the intruder to use.

6. Command and Control – Malware then enables intruder to have “hands on the keyboard” persistent access to the target network, also enabling future attacks.

Any device that connects to the internet is a potential target, security cameras, toys, TV’s, wearables, and even fridges.  They often have little or no security system, making step 2 of the kill chain rather easy.

Prevention is better than cure

2Gen protected