Security | April 21, 2017
Understanding the stages of a cyber attack
The “kill chain”, typically used in military terms lays out the stages of a cyber attack.
It starts with early reconnaissance to completing the attack with the goal of data theft and enabling more attacks.
These stages in cyber attack are:
1. Reconnaissance – The intruder selects a target device, researches it, and searches for vulnerabilities
2. Weaponization – Intruder uses a remote access malware weapon, such as a virus or worm, addressing a vulnerability
3. Delivery – Intruder transmits weapon to the target device, whether through e-mail attachments, websites, USB drives, etc.
4. Exploitation – Malware weapons program code to triggers the attack. This then takes action on target network to exploit vulnerability.
5. Installation – Malware weapon installs access points for the intruder to use.
6. Command and Control – Malware then enables intruder to have “hands on the keyboard” persistent access to the target network, also enabling future attacks.
Any device that connects to the internet is a potential target, security cameras, toys, TV’s, wearables, and even fridges. They often have little or no security system, making step 2 of the kill chain rather easy.
Prevention is better than cure