Posted October 9, 2018
Anatomy of a cyber attack
- Reconnaissance – The threat actor uses the internet, social media, or other tools to discover likely courses of attack.
- Weaponization – Code and other tactics, techniques, and procedures are found or developed to exploit the target’s vulnerabilities.
- Delivery – Weaponized code is transmitted to the target.
- Exploitation and Installation – The attacker uses the tactics, techniques and procedures in the delivered code to dismantle or work around internal controls in the target to avoid detection.
- Command and Control – The attacker gains a form of control or remote access. This may include screen capture, malware execution, or spawning new virtual operating system environments.
- Execution – The objective of the attack is achieved. This can include extraction or destruction of IT and OT assets, installation of ransomware, IP theft, or other actions.