INVITATION TO CYBERSECURITY 68 Table 4.1 Ed Skoudis’ five phase cyber attack model. One of the nation’s largest defense contractors, Lockheed Martin, has developed another framework to outline attacks called The Cyber Kill Chain®. The United States military originated the idea of a kill chain. A kill chain describes the chain of events leading up to a successful attack. Like a physical chain, a kill chain is dependent on every link in the chain. If any link is broken, the attack cannot succeed. Defenders focus on the links to see where they have opportunities to foil attacks, and they take security measures at every link to bolster their defenses. The Cyber Kill Chain® is similar to Skoudis’ model, and contains seven links (see Table 4.2). Table 4.2 The Cyber Kill Chain® seven link cyber attack model. This section provides an overview of the main steps of a cyber attack and borrows from both Skoudis’ model and The Cyber Kill Chain®. The four phases we will examine are Reconnaissance, Gaining Unauthorized Access, Post Exploitation, and Actions on Objectives.
RkJQdWJsaXNoZXIy MTM4ODY=