1. Identify & Recon
The attacker is gathering information about the targeted environment, scanning for open ports and vulnerabilities, and evaluating how to penetrate systems.
Understanding the Cyber Kill chain®
Lockheed Martin's Computer Incident Response Team developed the Cyber Kill Chain® to describe different stages of an attack.
Scroll down to view these stages of an attack.
2. Initial Attack
The attack plan has been formulated and the campaign is kicked off. Multiple attack vectors are deployed, persistently trying different methods to infiltrate the target.
3. Command / Control
Once an intrusion attack is successful, the attacker starts to position itself to take over the compromised asset, and use it to expand his foothold in the environment. The orchestration of how to exfiltrate the targeted data begins here.
4. Discover / Spread
The attacker explores to locate where the target data resides, and identify additional assets to own.
5. Extract / Exfiltrate
Once the target data has been located, the attacker employs a low and slow approach to stealthily extract the data and go undetected.
Impact
The degree of impact that data breaches can have on organizations can vary, and go beyond just financial loss. It can affect areas such as brand credibility and consumer mistrust, regulator scrutiny, and business operations.
