Research cyber kill chains. Is this a legit "game changer" in the IR space? How so?
Give a specific example
Cyber kill chains are used to break down the structure of a military attack. They break military attacks into a pattern of identifiable stages.
From a defensive perspective, it is very important and legal to understand these in order to prevent this. However, acceptance is not universal, with critics pointing to what they believe are fundamental flaws in the model.
Lockheed Martin’s cyber kill chain is an example of this. It breaks down an external-originating cyberattack into 7 distinct steps:
Step 1 - Reconnaissance
In this step, the intruder picks a target, researches it, and looks for vulnerabilities.
Step 2 - Weaponization
Then the intruder develops malware which is used to exploit the vulnerability that was found.
Step 3 - Delivery
Then he or she transmits the malware to the system.
Step 4 - Exploitation
After reaching the system, the malware begins executing on the target system.
Step 5 - Installation
And the malware installs a backdoor for the attacker.
Step 6 - Command and Control
By this, the intruder gains persistent access to the victim’s systems/network.
Step 7 - Actions on Objective
The intruder performs whatever he or she wants.
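One way an incident responder can apply the seven steps, shown as an added example that is not part of the original answer: map each alert to a stage, then report per host how far the intrusion progressed and which earlier stages produced no alert. The alert category names, host names and sample alerts are constructed assumptions.

```python
from collections import defaultdict

# The seven Lockheed Martin kill chain stages, in the order listed above.
STAGES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objective"]

# Hypothetical alert categories mapped to the stage they give evidence of.
# Weaponization happens off-network, so no category maps to it here.
CATEGORY_TO_STAGE = {
    "port_scan": "Reconnaissance",
    "phishing_email": "Delivery",
    "exploit_signature": "Exploitation",
    "new_service_installed": "Installation",
    "beaconing": "Command and Control",
    "bulk_data_transfer": "Actions on Objective",
}

# Constructed sample alerts: (ISO timestamp, host, category).
SAMPLE_ALERTS = [
    ("2024-01-10T09:02:00", "ws-17", "phishing_email"),
    ("2024-01-10T09:40:00", "ws-17", "new_service_installed"),
    ("2024-01-10T10:15:00", "ws-17", "beaconing"),
    ("2024-01-11T14:00:00", "db-02", "port_scan"),
    ("2024-01-11T14:05:00", "db-02", "unknown_category"),
]

def summarize(alerts):
    """Per host: observed stages, furthest stage, and unseen earlier stages."""
    seen = defaultdict(dict)  # host -> {stage index: first timestamp seen}
    for ts, host, category in sorted(alerts):
        stage = CATEGORY_TO_STAGE.get(category)
        if stage is None:
            continue  # unmapped alerts are skipped, not guessed at
        seen[host].setdefault(STAGES.index(stage), ts)
    report = {}
    for host, stages in seen.items():
        furthest = max(stages)
        report[host] = {
            "observed": [STAGES[i] for i in sorted(stages)],
            "furthest": STAGES[furthest],
            "furthest_first_seen": stages[furthest],
            # Earlier stages with no alert are detection gaps to review.
            "gaps": [STAGES[i] for i in range(furthest) if i not in stages],
        }
    return report

if __name__ == "__main__":
    for host, info in summarize(SAMPLE_ALERTS).items():
        print(host, info)
```
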