CS Cyber Attack Life Cycle #1 Flashcards
(16 cards)
What are cyber attack life cycle models?
Models representing the sequence of steps that cyber attacks go through
What do cyber attack life cycle models provide us?
A framework to understand cyber attacks
What 4 reasons do we need to understand cyber attacks for?
Figure out why past attacks did well, develop knowledge bases on past attacks, identify convenient and effective ways to protect assets, forecast potential next steps of ongoing attacks
What are the 7 steps of the Lockheed Martin Kill Chain?
Reconnaissance, Weaponisation, Delivery, Exploitation, Installation, Command and Control, Action on Objectives
What happens in Reconnaissance?
Selecting and researching a target
What are 2 examples of Reconnaissance?
Get email addresses from website, scan system to identify security used by target
What happens in Weaponisation?
Developing cyber weapons
What are 5 examples of Weaponisation?
PDF with malicious script, RAT, Stolen Credentials, Setup C&C infrastructure, Phishing email
What happens in Delivery?
Deliver payload to target
What are 3 examples of Delivery?
Download from website, email attachment, USB stick
What happens in Exploitation?
Execution of payload
What are 3 examples of Exploitation?
Exploit known vulnerabilities, Exploit OS auto-start, User deception
What happens in Installation?
Ensure payload persistence within the target
What are 2 examples of Installation?
Multiple copies on multiple machines, register payload as OS service with auto-start mode
What happens in Actions on Objectives?
Execution of desired action on target
What are 2 examples of Actions on Objectives?
Data Exfiltration, Disruption