Understanding how malware attacks work is vital to defend against them. To ease this process, threat analysts have developed models that map the stages of cybersecurity attacks, allowing defenders to identify areas where they can break the chain and stop the attack. The Cyber Kill Chain is one of these models, developed by Lockheed Martin.
The steps are:
- Reconnaissance: Attackers gather information on their target.
- Weaponization: Attackers develop their attack payload.
- Delivery: Attackers launch their intrusion.
- Exploitation: Attackers compromise their target.
- Installation: Attackers gain persistence on their target.
- Command and control: Attackers issue commands to their payload.
- Actions on objectives: Attackers complete their end goal.