Cyber Kill Chain & Social Media

The Cyber Kill Chain is a signature road map for cyber security professionals,  which was developed by Lockheed Martin.  The Cyber Kill Chain describes seven sequential steps of a cyber attack.  Social media is becoming a co-contributor to cyber-attackers as the moon is bright.  Whale phishing is a term used to describe wealthier individuals or high profile business executives.  Millions of executives use social media to market products, sale an idea and share implicitly internal information.  The sequential seven steps are listed below:

  1. Reconnaissance – Reconnaissance uses various methods used to gather public information about a target or adversary;
  2. Weaponization – Weaponization can be further used to identify vulnerabilities in hardware and software;
  3. Delivery – Once vulnerabilities have been identified, attacks methods are dispersed in various forms;
  4. Exploitation – Malware opens back doors for cyber-criminals, allowing cyber-criminals to remotely connect to further exploit;
  5. Installation – Malware has gone stealth on infected hosts to download its own software;
  6. Command and Control – Cyber-criminals have control of infected hosts where the privileges are of administrators, having control of hosts for more than 120 days; and
  7. Action – Having the privileges of an administrator, cyber-criminals infected hosts move to other critical systems with the intent of stealing data and/or using infected hosts in other cyber-attacks.

Resources:

Hayes, N.  “Why Social Media Sites are the new Cyber Weapons of Choice.”  06 Sept. 2016, http://www.darkreading.com/attacks-breaches/why-social-media-sites-are-the-new-cyber-weapons-of-choice/a/d-id/1326802. Accessed 02, May 2017.
Kane, C. “Cyber Kill Chain [1].” 08 Sept. 2014, http://gauss.ececs.uc.edu/Courses/c5155/pdf/kill-chain.pdf. Accessed 02, May 2017.
“Cyber Kill Chain.” Lockheed Martin, http://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html. Accessed 02, May 2017.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s