The Cyber Kill Chain Gets a Makeover

The cyber kill chain, since 2011, has been made up of seven different steps in which attackers use reconnaissance, weaponization, delivery, exploitation, installation, command and control, and objective acting to complete their mission. With this system, each step has had its own interruption tactic and the earlier the interruption could be achieved, the less damage an attack does. The first five steps of the traditional cyber kill chain have now been compiled into one step and has reportedly been used in 88% of attacks. This new makeover is allowing attacks to be automated and easier to execute on a large scale or "spray and pray" method. Researchers advise to revert "back to basics" with vulnerability scans that focus on low-level vulnerabilities to determine the easiest point of entry for an attacker and to be constantly monitoring and assessing security posture.

Related URL(s):