7-Stages of Cyber Kill Chain

By Deloitte

One of the most important knowledge that a cyber security professional would have to know is the Cyber Kill Chain. The Cyber Kill Chain is a seven-stage model that illustrates how cyber criminals get to their victims and target on the system’s vulnerabilities.

7-Stages of Cyber Kill Chain

Reconnaissance

Attacker gathers information on the target before launching attack. They usually look for publicly available information on the Internet.

Weaponization

The attacker uses an exploit and create a malicious payload to send the victim without actual contact with them.

Delivery

Attacker sends malicious payload to the victim by email or through other means, which is only one of the numerous intrusion methods the attacker can use.

Exploitation

The actual exploitation only takes place when the attacker uses an exploit.

Installation

Installing malware on the infected computer is only relevant if the attacker used malware as part of the attack.

Command and Control

The attacker creates a command and control channel to continue operating his internal assets remotely.

Actions

Attacker performs these steps to achieve his actual goals inside the victim’s network.

Key takeaways

Knowing and understanding the “7 Steps of The Cyber Kill Chain” enable organisations to trace the movements of an attacker and take the necessary security precautions to prevent such attack from happening.

However, over-focus on this area can also be detrimental to network security. A persistent, highly determined and skilled attacker will always find a way into the network. Thus, instead of analysing old malware, organisation should also focus on detecting ongoing attacks before the damage is done.