• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Cybersecurity  /  What is the kill chain and the seven steps involved in it?
The-cybersecurity-kill-chain
11 October 2019

What is the kill chain and the seven steps involved in it?

Written by Seqrite
Seqrite
Cybersecurity
Estimated reading time: 2 minutes

The term ‘kill chain’ originated in the military as a concept to outline and define each stage of an attack. It has found its way into cybersecurity as well as a means to understand the structure of a cyber attack and disrupt it. There are seven defined phases of the kill chain with each phase having a specific utility to the attacker.

For enterprises waging a relentless war against cyber attackers, it is essential to understand each stage of the kill chain to make guided interventions when required and block the attack. In 2013, Lockheed Martin, the global American military giant, used this model to stop a SecurID attack.

Here are the seven phases that comprise the kill chain:

Phase 1: Reconnaissance

This phase involves both, passive and active reconnaissance on the part of the attacker. Identification of a vulnerable target is the most important objective of this phase and in pursuit of the objective, attackers will try and gather as much data and knowledge they can on their targets. This is a preparation phase before the launching of a cyber attack.

Phase 2: Weaponization

Once the Reconnaissance phase is complete, the attacker will move on to the next phase which is Weaponization. In this phase, the attacker will decide on the best type of tool they have at their disposal to carry out their attack on the target. This decision will be based on the findings of the Reconnaissance phase. The attacker could use methods like a Distributed Denial of Service (DDoS) attack, a botnet attack or malware to attack unpatched systems.

Phase 3: Delivery

The Delivery phase involves the attacker to deliver the attack through a malicious payload. This payload can be delivered through a variety of means: a phishing email, a drive-by-download attack or spear phishing.

Phase 4: Exploitation

At the Exploitation phase, the attacker exploits the vulnerability that has been discovered to carry out their attack. The targeted system is typically compromised and the attack enters the system. At this stage, the attacker has already gained a foothold and may try to make further intrusions by installing other malware.

Phase 5: Installation

After the Exploitation phase, the Installation phase involves the malicious software being installed and multiplying inside the breached system. Users may unknowingly install and spread the malware on their systems by taking actions such as sending infected emails to other users. The breaches may multiply across the affected network.

Phase 6: Command & Control

At this stage, the attacker is in full control. After successfully gaining entry and breaching an enterprise’s defenses, the malware can be fully commanded and controlled by the attacker who can use it for any malicious purposes. This can include sending back confidential information, passwords, emails or anything else the attacker seeks.

Phase 7: Action on Objectives

This is the seventh and the final stage of a cyber attack. This phase is defined as the ‘Action on Objectives’ phase and refers to the final actions which an attacker takes on conducting a successful attack. An attack could have various goals – to extract a ransom through a ransomware attack, to sell data on the Dark Web or to leak confidential information to a rival enterprise.

It is important for enterprises to understand and remain prepared for each phase of a cyber attack. As outlined above, every phase is different and requires the corresponding action.

Seqrite’s solutions enable better protection at every stage and ensure enterprises stay secure against cyber attacks.

 Previous Post2020: A new paradigm in Cybersecurity
Next Post  Prioritizing Data Security Investments through a Data Security Go...
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • Turn the Page Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Building a holistic cybersecurity strategy to safeguard the pharma sector

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021
  • Data breach volumes worry governments and businesses

    The Data breach inferno burning big-ticket businesses

    February 5, 2021

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond Turn the Page: Cybersecurity Predictions for 2021 & beyond February 18, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.