The idea of the cyber kill chain was first developed by Lockheed Martin more than a decade ago. The basic idea is that attackers perform reconnaissance, find vulnerabilities, get malware into victim systems, connect to a command-and-control (C2) server, move laterally to find juicy targets, and finally exfiltrate the stolen data.
Attackers can be caught at any point in this process and their attacks thwarted, but this framework missed many types of attacks right from the start. Today it is becoming even less relevant. “The cyber kill chain was a great way to break down the classic steps in a breach,” says Michael Salihoglu, cybersecurity managing consultant at Crowe, a public accounting, consulting, and technology firm. It was also a useful tool for defenders to help them come up with strategies to stop the attacks at each point in the chain.
More Stories
Patch Tuesday, May 2024 Edition
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day”...
Data Breaches in US Schools Exposed 37.6M Records
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a webinar via Zoom...
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and...
CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses Read More
How Scammers Hijack Your Instagram
Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user base and dynamic platform, has become a hotbed for...