The Lockheed Cyber Kill Chain is a framework that describes the seven stages of a cyberattack. It was developed by Lockheed Martin in 2011 and has since become a widely accepted model for understanding how cyberattacks are carried out. The seven stages of the Lockheed Cyber Kill Chain are:
- Reconnaissance: The attacker gathers information about the target, such as its network infrastructure, operating systems, and applications.
- Weaponization: The attacker develops or acquires malware or other tools that will be used to exploit vulnerabilities in the target’s systems.
- Delivery: The attacker delivers the malware or other tools to the target, typically through phishing emails, malicious websites, or USB drives.
- Exploitation: The attacker exploits vulnerabilities in the target’s systems to gain access to the network and its data.
- Installation: The attacker installs malware or other tools on the target’s systems to maintain access and control over the network.
- Command and control: The attacker establishes a command and control channel to communicate with the malware or other tools installed on the target’s systems.
- Actions on objectives: The attacker uses the malware or other tools to achieve their objectives, such as stealing data, disrupting operations, or launching further attacks.
The Lockheed Cyber Kill Chain is a valuable tool for understanding how cyberattacks are carried out and for developing strategies to defend against them. By understanding the different stages of the kill chain, organizations can better prepare for and respond to cyberattacks.
