The Cyber Kill Chain is a modeling tool to help us demonstrate the steps typically used to break down the defenses within IT Security. The commonly used seven steps include:
Reconnaissance – Where the malicious entity does research on and selects their target.
Weaponization – Which is creation of malware payload
Delivery – Delivery of the malware payload. Can be via email (in a file or a link), smartphone, USB storage etc.
Exploitation – The malware code executes and exploits vulnerabilities within the IT environment.
Installation – Command & Control code is installed creating a backdoor
Command & Control – At this point an outside entity has control of a device within the IT Environment whether it is automated or human controlled.
Actions on Objectives – The attacker now puts goals in play which can be data theft, encryption, data destruction or just plain bringing the enterprise IT environment to a halt.
Hillstone Networks’s graphical representation of the Cyber Kill Chain in action
For more info have a look at Hillstone Networks Download white paper