Kill Chain

8th January 2020 | Cybrary Kill Chain
The Kill Chain we need to pay attention to in order to prevent breaches of our company.

A Kill Chain in cybersecurity reveals the phases of a cyber attack, from early reconnaissance to the goal of data exfiltration. Kill chains are also used as management tools for security professionals to help continuously improve their systems and network’s security. According to Lockheed Martin, threats must pass through many phases in the kill-chain, including:

  1. Reconnaissance: Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
  2. Weaponization: Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
  3. Delivery: Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives)
  4. Exploitation: Malware weapon’s program code triggers, which takes action on target network to exploit vulnerability.
  5. Installation: Malware weapon installs access point (e.g., “backdoor”) usable by intruder.
  6. Command and Control: Malware enables intruder to have “hands on the keyboard” persistent access to target network.
  7. Actions on Objective: Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.

 

Should SMB’s worry about Kill Chains?

In a word. Yes.  Kill chains simply illustrate the process by which hackers infiltrate your network.  Interrupting the kill chain means discovering the hacker before they complete objective 7 – Actions on Objective.  As an SMB owner, you want to build a robust cybersecurity program that can identify hackers before they execute their objective.  In most cases, that’s installing a ransomware attack to force a bitcoin payment out of you.  SMB’s can interrupt the Kill Chain through education and awareness training to prevent steps 3 to 7 from occurring.

Source: Lockheed Martin, Varonis

To learn more about Kill Chains, watch this short video:

https://youtu.be/ucuytPpm2iI
Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

CyberHoot Goes Fully Passwordless: Native Passkey Support Arrives for Administrators

CyberHoot Goes Fully Passwordless: Native Passkey Support Arrives for Administrators

For four years, CyberHoot has argued the same thing on its blog: passwords are major weak link. They get reused,...

Read more
Don’t Score an Own Goal: Outsmart World Cup 2026 Scams

Don’t Score an Own Goal: Outsmart World Cup 2026 Scams

The 2026 FIFA World Cup kicked off on June 11th across the United States, Canada, and Mexico. Six million fans...

Read more
Hackers steal your cookies. Chrome may help stop Session Cookie Theft!

Hackers steal your cookies. Chrome may help stop Session Cookie Theft!

Google has built and released a new cookie protection measure that makes stolen session cookies useless on any...

Read more