Posted October 9, 2018

Anatomy of a cyber attack

  1. Reconnaissance – The threat actor uses the internet, social media, or other tools to discover likely courses of attack.
  2. Weaponization – Code and other tactics, techniques, and procedures are found or developed to exploit the target’s vulnerabilities.
  3. Delivery – Weaponized code is transmitted to the target.
  4. Exploitation and Installation – The attacker uses the tactics, techniques, and procedures in the delivered code to dismantle or work around internal controls in the target to avoid detection.
  5. Command and Control – The attacker gains a form of control or remote access. This may include screen capture, malware execution, or spawning new virtual operating system environments.
  6. Execution – The objective of the attack is achieved. This can include extraction or destruction of IT and OT assets, installation of ransomware, IP theft, or other actions.