Cyber Kill Chain
A framework outlining the stages of a cyberattack, from reconnaissance to data exfiltration.
Understanding Cyber Kill Chain
The Cyber Kill Chain is a framework developed by Lockheed Martin to describe the stages of a cyber attack. It helps security teams analyze and disrupt attack progression.
Stages of the Cyber Kill Chain
Reconnaissance: Gathering intelligence on the target.
Weaponization: Creating malicious payloads.
Delivery: Transmitting the payload via phishing, USBs, or web downloads.
Exploitation: Exploiting vulnerabilities to gain access.
Installation: Deploying malware to establish persistence.
Command and Control: Connecting to an attacker-controlled server.
Actions on Objectives: Executing malicious intent (e.g., data theft, destruction).
Common Applications
Threat Hunting: Detecting attacks in early stages.
Incident Response: Responding effectively to security breaches.
Red Team Exercises: Simulating cyber attacks for preparedness.