Cyber Security Awareness
Cyber security is the backbone of an organization’s defence strategy. No organization, whether small or medium-sized, can afford to let its guard down when it comes to cyberattacks. It is crucial to have a cyber security team in place to safeguard the business and stay in the race for the long run. An appropriate cyber security defence mechanism acts as a shield to prevent your business from falling into the hands of cyber intruders. We are going to learn about the Cyber Kill Chain as a cyber security awareness tactic.
The cyber kill chain demonstrates every stage of a successful cyberattack. It is a procedure for retracing a cybercriminal’s footsteps. This procedure is useful for understanding the security loopholes, if any exist, in the cyber security defence mechanism. It is like witnessing the cyberattack taking place in a simulated environment. The cyber kill chain shows how the cybercriminals gained access to your organization by breaking down the defence strategy in place.
Using the cyber kill chain security model, the cyberattack simulation indicates the security flaws and vulnerabilities that played a major role in an organization’s compromise and downfall. Consequently, the organization should take remedial actions and prevent the same from happening again.
Cyber kill chain has 7 steps:
- Reconnaissance
- Intrusion Detection
- Exploitation
- Privilege Escalation
- Lateral Movement
- Obfuscation
- Denial of Service
- Exfiltration
Reconnaissance: Reconnaissance is all about target discovery or identification. Cybercriminals start their search by lurking on the Internet in the hope of finding personal information such as email IDs and social media accounts of high-level personnel. As the attack surface is vast, cybercriminals succeed.
Intrusion: After acquiring the intended target, cybercriminals probe for access to your organization’s systems and networks, which involve firewalls, IPS, etc. There are various hacking methodologies that cybercriminals lean on to break a security system. Malicious attachments and links, phishing, and social engineering are well-known methods that cybercriminals rely on.
Exploitation: In this phase, the cyberattack simulation is tested. Experts perform various attack scenarios to gain unauthorized access and expose the underlying vulnerabilities in your network. The attack simulation highlights the weak points and the potentially compromising security flaws that play a part in a security breach.
Privilege Escalation: This step follows the exploitation phase, which means the cybercriminals have already gained access to your organization’s systems. In the privilege escalation step, they poke around to gain access to sensitive information such as database access, email accounts, confidential data, and whatnot. They attempt brute force attacks to break passwords and get complete control of a system. This leads to user identity theft.
Lateral Movement: Cybercriminals lurk around the organization’s internal network to find weak points. The aim of this step is to find the backdoor to get through and steal sensitive and confidential information.
Obfuscation: Cybercriminals make sure that they don’t leave any evidence or trails that would get them caught. This involves deleting or modifying logs, tampering with time stamps and so on. Cybercriminals make it seem as though nothing has been disturbed and no breach has occurred. The ultimate aim is to throw off suspicion and avoid getting caught by the cyber forensics team.
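As an added example (not part of the original article), the Python code below checks a log for the traces that deleting entries or altering time stamps tends to leave behind: skipped record ids, time stamps that run backwards and unusually long silences. The log format, the sample lines and the two-hour threshold are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample: "<record id> <ISO timestamp> <message>". Not real log data.
SAMPLE_LOG = """\
101 2024-03-01T10:00:00 session opened for user alice
102 2024-03-01T10:00:05 sudo: alice : COMMAND=/usr/bin/id
103 2024-03-01T10:00:09 session closed for user alice
107 2024-03-01T10:00:12 cron job started
108 2024-03-01T09:41:00 service restarted
109 2024-03-01T14:30:00 session opened for user bob
"""

MAX_SILENCE = timedelta(hours=2)  # assumed threshold; tune per log source


def find_tamper_signs(text, max_silence=MAX_SILENCE):
    """Return (record_id, kind, detail) findings for a log ordered by record id."""
    findings = []
    prev_id = prev_ts = None
    for line in text.splitlines():
        if not line.strip():
            continue
        rec, stamp, _msg = line.split(" ", 2)
        rec_id, ts = int(rec), datetime.fromisoformat(stamp)
        if prev_id is not None:
            # Record ids should increase by exactly one; a jump means entries are gone.
            if rec_id > prev_id + 1:
                findings.append((rec_id, "missing_records",
                                 f"ids {prev_id + 1}-{rec_id - 1} absent"))
            elif rec_id <= prev_id:
                findings.append((rec_id, "id_out_of_order",
                                 f"follows id {prev_id}"))
            # Time must not run backwards between consecutive records.
            if ts < prev_ts:
                findings.append((rec_id, "time_regression",
                                 f"{ts.isoformat()} earlier than {prev_ts.isoformat()}"))
            elif ts - prev_ts > max_silence:
                findings.append((rec_id, "silent_gap",
                                 f"no entries for {ts - prev_ts}"))
        prev_id, prev_ts = rec_id, ts
    return findings


if __name__ == "__main__":
    for finding in find_tamper_signs(SAMPLE_LOG):
        print(finding)
```

A finding is a reason to compare the host's log against a copy forwarded to a separate log server, not proof of tampering on its own: clock corrections and quiet periods produce the same signs.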
Denial of Service: A DoS attack is usually launched as a decoy or plan B. Cybercriminals send tons of requests to the intended device and wreck the function of that particular device.
Exfiltration: This is the final step of a cyberattack. It is where the cybercriminals succeed in obtaining the organization’s information or stealing data.
Conclusion:
The cyber kill chain illustrates the footprints of a successful cyberattack. The entire simulation is about the cybercriminals’ method of gaining unauthorized entry into your security perimeter. The above 7 steps are performed by the cybercriminals to break the cyber security strategy put forth by an organization. Cyber security awareness has to be created among users. They must understand the consequences of a simple click, which may seem harmless yet can have a devastating impact.