What is the Cyber Kill Chain?

Fahri Korkmaz
Aug 31, 2023

--

The cyber kill chain is a model that describes the attack process on IT systems and identifies the stages that an attacker goes through to carry out a successful attack. It consists of the following phases:

  1. Reconnaissance: gathering information about the target to develop an attack plan.
  2. Weaponization: The creation of malware or other attack tools.
  3. Delivery: transferring the malware to the target, e.g. via email attachments or social engineering.
  4. Exploitation: using a vulnerability in the system to gain access.
  5. Installation: Install malware on the target system.
  6. Command and control (C2): Transmission of commands and data to and from controlled systems.
  7. Actions on objectives: execution of the attacker’s desired actions on the targets, e.g., data theft or system takeover.

--

--