The Hacker’s Workflow

March 28, 2019 | Views: 5022

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

The Hacker Workflow

Cybersecurity professionals are outwitted all the time, resulting in breaches, data leaks, downtime, etc. Utilizing their tools, processes, and products help remediate and manage the threat of the hacker. However, it takes more, but what is that “more”? Education on best practices, hardening methods, and understanding of threats in the wild is a start. But what about getting inside the mind and workflow of a hacker?

The Cyber kill chain, developed by Lockheed Martin is an industry-accepted methodology, which outlines the 7 stages hackers utilize to own a target, this is the workflow of a hacker.

Lockheed Martin’s Cyber Kill Chain

1.       Reconnaissance – Learn the environment, technical and Non-technical.

2.       Weaponization – Develop the tools such as a payload to be used.

3.       Delivery – Thumb drive drops, emails, injections into vulnerable targets.

4.       Exploitation – Exploit discovered outdated/vulnerable products.

5.       Installation – Set malware, virus, randsomware, etc on an asset.

6.       Command & Control (C2) – Control of an asset, which can be utilized to pivot the network.

7.       Actions of Objectives – Obtain data, blackmail, sabotage, payout.

By empowering IT and Security departments with the knowledge of the “kill chain”, they can develop, and deploy products and processes based off each stage rather attempting to reinvent the wheel of cyber security practices. This also allows for organizations to start with a foundation and build its security program with the actual threat in mind, rather looking for where fires can develop, or even finding fires that must be put out.

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
1 Comment
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel