The concept of the cyber kill chain was created by analysts at Lockheed Martin Corporation in 2011. The concept describes the stages of the process of compromising a victim. It is referred to as a chain because all stages rely on each other, and they need to be performed in succession. The idea is that if the chain gets broken somewhere in the process, the process gets halted. The kill chain is applied to a corporate environment, and it includes the following seven stages:
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and control
- Actions and objectives
If you look back at the chapter's attack scenario, the stages can be seen by the following actions:
- The attacker finds out about the victim's ...