Cybersecurity Fundamentals - Cyberattack Cycle
Hello Readers! Today I am giving you an overview of cybersecurity fundamentals from the attacker's perspective: how an attacker carries out a successful cyberattack.
Here I give short notes that are easy to remember. You can easily find a brief description on the internet, but here you can make easy notes to remember.
Let's get started.
- Attacker's Perspectives
Attack Cycle:
- Driven by a military model
- By Lockheed Martin
- Industry-accepted methodology
- Command and Control
- Action on Objectives (Exfiltration)
Information Gathering
- Passive Reconnaissance
- Active Reconnaissance
- Gathers information about victims or targets.
- E.g. open ports, services, systems, etc.
Passive Reconnaissance:
- Gathers information without directly interacting with the target.
- It looks like a normal flow of traffic.
Active Reconnaissance:
- Gathers information about the target by actually sending packets to it.
- Directly interacts with the target.
Weaponization And Delivery
- It is a sequence of commands that takes advantage of vulnerabilities.
- Causes unintended behavior of software or hardware.
- Common Vulnerabilities and Exposures (CVE)
- This system is a list of standardized names for vulnerabilities and other information security exposures.
- Be creative like Hackers
- Used multiple attack vectors
- Write your own codes
- Built tools for exploitation
Exploitation And Installation
- Privilege Escalation
- Attackers take advantage of programming errors or any vulnerabilities arising from design flaws in an application or software.
- Here access has already been granted.
- More advanced tools or techniques are needed to go further in controlling systems.
Command And Control
- The act of creating an easy way to get back in.
- Means there is no need to hack again and again to gain access.
- E.g. backdoors, listeners
Backdoor:
- It's a security breach.
- Allows access to classified data without authentication.
Listener:
- It is a service awaiting a connection from the victim's system.
- If it is active, hackers get access again.
Action on Objectives (Exfiltration)
- Data Exfiltration
- Denial of Service
Data Exfiltration:
- Stealing valuable information.
- E.g. databases, users' sensitive information
Denial of Service:
- Attackers make a machine or network resource unavailable.
- Preventing its functionality and disrupting the usage of resources.
- Damage to specific organizations.
- Loss of information, money, and time spent restoring systems.
Thanks for reading, I hope you liked this blog.