Cyber Kill Chain
The cyber kill chain is a security framework developed by Lockheed Martin to model the stages of a cyberattack. It helps organizations understand how attacks progress and how to defend against them by identifying key stages and vulnerabilities. The framework breaks down an attack into a series of phases, allowing security teams to focus on preventing attacks at each stage.
1. Reconnaissance: Attackers gather information about the target, including publicly available data and network vulnerabilities.
2. Weaponization: Attackers create a malicious payload, such as a virus or other malware, tailored to the target's vulnerabilities.
3. Delivery: The malicious payload is delivered to the target, often through phishing emails, infected websites, or other methods.
4. Exploitation: The attacker exploits vulnerabilities in the system to execute the malicious code and gain initial access.
5. Installation: Attackers install malware or backdoors to establish persistent access to the compromised system.
6. Command and Control: Attackers establish a communication channel to remotely control the compromised system and direct further actions.
7. Actions on Objectives: Attackers achieve their ultimate goal, such as data theft, system disruption, or other malicious activities.
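One way a defender can use the ordering of these phases, shown as an added example that is not part of the original page: the Python code below groups alerts by host, reports how far along the chain each intrusion was observed, and lists the earlier phases that produced no alert. The host names, the alert records and the choice to leave out Weaponization (which takes place on the attacker's side) are assumptions of this example.

```python
from collections import defaultdict

# The seven phases, in the order the page lists them.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objectives"]
RANK = {name: i for i, name in enumerate(PHASES)}

# Constructed sample alerts: (host, ISO-8601 time, phase assigned during triage).
SAMPLE_ALERTS = [
    ("ws-014", "2024-05-02T09:12:00", "Delivery"),
    ("ws-014", "2024-05-02T09:14:30", "Exploitation"),
    ("ws-014", "2024-05-02T09:40:10", "Command and Control"),
    ("srv-db2", "2024-05-02T11:05:00", "Reconnaissance"),
    ("ws-031", "2024-05-03T08:00:00", "Actions on Objectives"),
]

def summarize(alerts):
    """Per host: first alert time, earliest and furthest phase, undetected earlier phases."""
    seen = defaultdict(set)
    first_seen = {}
    for host, ts, phase in alerts:
        if phase not in RANK:
            raise ValueError(f"unknown phase: {phase!r}")
        seen[host].add(RANK[phase])
        # ISO-8601 strings in one format sort chronologically.
        first_seen[host] = min(ts, first_seen.get(host, ts))
    report = {}
    for host, ranks in seen.items():
        furthest = max(ranks)
        # Phases before the furthest one that raised no alert are detection gaps.
        # Assumption: Weaponization is skipped, it is not visible on the defender's network.
        missed = [PHASES[i] for i in range(furthest)
                  if i not in ranks and PHASES[i] != "Weaponization"]
        report[host] = {"first_seen": first_seen[host],
                        "earliest": PHASES[min(ranks)],
                        "furthest": PHASES[furthest],
                        "missed": missed}
    return report

def triage_order(report):
    """Hosts furthest along the chain first; ties broken by the oldest first alert."""
    return sorted(report, key=lambda h: (-RANK[report[h]["furthest"]],
                                         report[h]["first_seen"]))

if __name__ == "__main__":
    rep = summarize(SAMPLE_ALERTS)
    for host in triage_order(rep):
        print(host, rep[host])
```

A host whose first alert is already late in the chain, such as ws-031 in the sample data, has the longest list of missed phases and is where detection coverage should be reviewed first.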