The Cyber Kill Chain
What is the cyber kill chain?
Lockheed Martin, known for defense and security technologies, among other things, has developed a new “kill chain” method of describing each stage of a cyber attack. This CSO article talks in-depth about the Cyber Kill Chain method and says, “each stage presents an opportunity to detect and react.” Although cyber attack chains may take different forms, these steps provided by Lockheed Martin could be effective for many companies around the world in protecting their data.
It may come as a surprise, but an actual thief trying to break into a building to steal goods takes very similar steps to that of a cyber thief, who instead of breaking into a building, is trying to break into your network to steal data. The cyber “kill chain” could help companies have a better understanding of where the vulnerabilities lie in their infrastructure. The more quickly you identify an attack taking place, the more rapidly you’ll be in recovery from said attack.
In the silent cyber war in which we find ourselves today, it is fitting that the first step in the cyber kill chain is reconnaissance, “which is a military term that means to locate an enemy or ascertain strategic features.” The cybercriminal must decide who to target, what valuable data they may be holding onto, and is it worth the effort to infiltrate their network. Like we saw a few weeks back in the city of Atlanta, wcyber criminals decided to go after a vulnerable network full of sensitive customer information. The criminals in the Atlanta instance probably sent phishing emails which were opened and spread unbeknownst by employees of the city leading to the data being held for ransom. This was a classic case of ransomware, and many cities around the world should be worrying about how to protect their systems from similar attacks.
This first step is one of seven Lockheed Martin has described in detail to help companies and consumers protect their data from cyber thieves. With each step, a company or individual can look and decide which step they are on and what action they can take to reverse what damage has been done.
Even with the help of Lockheed Martin and their “Cyber Kill Chain,” cybercriminals can go beyond the reach of a kill chain. As the CSO articles states,
“…attackers share lists of compromised credentials, of vulnerable ports, of unpatched applications. The traditional cyberattack life cycle also misses attacks that never touch enterprise systems at all. For example, companies are increasingly using third-party software-as-a-service (SaaS) providers to manage their valuable data.”
And that is a critical vulnerability that companies need to be aware of.
It’s more important than ever to have your systems secured and protected. Can your company survive an attack like the ones we see almost every week in the news? Will this Cyber Kill Chain provided by Lockheed Martin help businesses stay on top of all the malicious activity taking place? These questions are serious questions for companies or individuals carrying sensitive data.
One of the best ways to make sure you are secure enough is having adequate or better data backup. Backing up your data is a great way to protect yourself from cyber criminals. If cybercriminals are able to break through your securities and tamper with or steal your data will you have a clean backup easy to restore? Backing up your data gives you a safety net to prevent further damage after a breech.