Cyber Kill Chain

From ICANNWiki
Revision as of 19:08, 4 August 2021 by Jessica (talk | contribs) (Created page with "'''Cyber Kill Chain''' is a series of steps for tracing the stages of a cyberattack. The Steps include: # Reconnaissance: Attackers assess the situation to identify targets a...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Cyber Kill Chain is a series of steps for tracing the stages of a cyberattack. The Steps include:

  1. Reconnaissance: Attackers assess the situation to identify targets and tactics.
  2. Intrusion: with malware or security vulnerabilities.
  3. Exploitation: of vulnerabilities to deliver malicious code into the system.
  4. Privilege Escalation: Attackers escalate their privileges to the level of Admin to gain access to data and permissions.
  5. Lateral Movement: Attackers move laterally to other systems and accounts, gaining leverage, higher

permissions and more data and access.

  1. Obfuscation/Anti-forensics: Attackers cover their tracks with false trails, compromise data, and clear logs to confuse forensics teams.
  2. Denial of Service: Attackers disrupt access for users and systems to evade monitoring, tracking, or being blocked.
  3. Exfiltration: Attackers extract data from the compromised system.[1]

History

References

  1. 2021 RTF Report Glossary, pg. 74
Retrieved from "https://icannwiki.org/index.php?title=Cyber_Kill_Chain&oldid=1330573"