Full Kill Chain

Full Kill Chain

The "Kill Chain" is a model for understanding and describing a typical cyber attack and consists of several phases.

Goal setting: The attacker determines the target and collects information about the target.

Estimating phase: The attacker uses the collected information to assess the target's 3 security measures and identify which vulnerabilities can be exploited.

Access acquisition phase: The attacker tries to gain access to the target, for example through phishing, social engineering or exploiting vulnerabilities.

Furnishing phase: The attacker installs and configures tools and software on the target to gain control of the system and maintain access.

Phase of the attack: The attacker starts by carrying out the actual attack, for example by stealing data, disrupting the operation of the system or spreading malware.

Stage of Spread: The attacker tries to spread the attack further, for example by moving to other systems on the network.

Phase of maintaining access: The attacker tries to maintain access to the system even after the attack has been discovered and security measures have been strengthened.

Trace removal phase: The attacker erases the traces of the attack to hide his identity and make it more difficult to discover the attack.

By understanding the different stages of the Kill Chain, organizations can improve their security measures and reduce the likelihood of a successful attack.

Updated on 07 Aug, 2023
Tagged Cymulate