Cyber Kill Chain

A model created by Lockheed Martin that borrows a military concept and reapplies to cybersecurity.

1. Reconnaissance

Attackers gather information about the target and the tactics for attack

2. Weaponization

Attackers develop their malware to prepare for the attack

3. Delivery

Attackers transmit the malware to the victim

4. Exploitation

The malware “detonates” and starts to exploit vulnerability

5. Installation

The malware installs access point that provide access to the attacker

6. Command and Control

The attacker takes over the victim’s system and network

7. Action on Objective

The attacker execute actions to achieve their goals