The Cyber Kill Chain
The Cyber Kill Chain is an adaptation of a military kill chain. It is a step-by-step process used to identify and contain enemy activity – a systematic approach to identifying and eradicating it. The Cyber Kill Chain can be seen in the following diagram:
Figure 5.1 – The Cyber Kill Chain
The Cyber Kill Chain is a framework that describes the various stages of several common cyber attacks and, along the same lines, the various points at which an information security team can prevent, detect, and intercept these attacks. Lockheed Martin originally developed the Cyber Kill Chain in 2011.
Seven sequential steps were involved in Lockheed Martin’s original Cyber Kill Chain model.
Phase 1 – reconnaissance
Reconnaissance is when a malicious actor identifies a target and investigates vulnerabilities and weaknesses within the network that may allow them to exploit the target. To accomplish this goal, the...