MAKE A MEME View Large Image Intrusion Kill Chain - v2.png Understanding the graphic Computer scientists at Lockheed-Martin corporation described in 2011 the usage of a new intrusion kill chain framework or model to defend computer networks <ref name Lockheed>http //...
View Original:Intrusion Kill Chain - v2.png (950x681)
Download: Original    Medium    Small Thumb
Courtesy of:commons.wikimedia.org More Like This
Keywords: Intrusion Kill Chain - v2.png Understanding the graphic Computer scientists at Lockheed-Martin corporation described in 2011 the usage of a new intrusion kill chain framework or model to defend computer networks <ref name Lockheed>http //www lockheedmartin com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense pdf Lockheed-Martin Corporation-Hutchins Cloppert and Amin-Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains-2011</ref> They wrote that attacks may occur in stages and can be disrupted through controls established at each stage The kill chain can also be used as a management tool to help continuously improve network defense Threats must progress through seven stages in the model Reconnaissance Intruder selects target researches it and attempts to identify vulnerabilities in the target network Weaponization Intruder creates remote access malware weapon such as a virus or worm tailored to one or more vulnerabilities Delivery Intruder transmits weapon to target e g via e-mail attachments websites or USB drives Exploitation Malware weapon's program code triggers which takes action on target network to exploit vulnerability Installation Malware weapon installs access point e g backdoor usable by intruder Command and Control Malware enables intruder to have hands on the keyboard persistent access to target network Actions on Objective Intruder takes action to achieve their goals such as data exfiltration data destruction or encryption for ransom A U S Senate investigation of the 2013 Target Corporation data breach included analysis based on the Lockheed-Martin kill chain framework It identified several stages where controls did not prevent or detect progression of the attack <ref name Senate>http //www public navy mil/spawar/Press/Documents/Publications/03 26 15_USSenate pdf U S Senate-Committee on Commerce Science and Transportation-A Kill Chain Analysis of the 2013 Target Data Breach-March 26 2014</ref> References Reflist en Intrusion kill chain for information security 2014-03-26 http //www public navy mil/spawar/Press/Documents/Publications/03 26 15_USSenate pdf U S Senate Committee on Commerce Science and Transportation other versions PD-USGov Data security
Terms of Use   Search of the Day