The Best Way to Beat a Hacker is to Think Like One

Posted by Shruthika Kamat on August 22, 2017 at 12:13 PM

In today’s threat environment, focusing on prevention alone is no longer a sufficient strategy. In 2016, there were 40% more reported incidents of data breaches compared to 2015. Experts anticipate that the number of incidents will increase further in 2017.

IT managers must acknowledge that a data breach is possible. Understanding how a hacker thinks is critical to being prepared. 

Understanding The Cyber Kill Chain

The cyber kill chain (CKC) represents all the steps a hacker has to take to compromise a target. By developing counter strategies for each step, organizations have a better chance of preventing a threat from accomplishing its mission.

Here are the 7 steps of the chain:

  1. Reconnaissance: The threat actor researches potential targets and tactics. The threat actor is searching for a method of attack that is both simple and offers a high probability of success.
  2. Weaponization/packaging: The threat actor acquires the tools necessary to carry out an attack, such as custom malware. Tools are generally designed to attack a specific target.
  3. Delivery: The threat is delivered through the chosen mechanism; for example, a phishing email sent to an unsuspecting user.
  4. Exploitation: Once the threat is successfully delivered, it will attempt to compromise the targeted asset. Typically this process will look to exploit a known system vulnerability.
  5. Installation: Usually the threat vector will actively communicate with the threat actor or another outside party. The application will behave stealthily, allowing the threat to remain undetected.
  6. Command and control: Threat actors now control targeted assets and gather data.
  7. Action on targets: In this final stage, the threat actor steals or compromises data or both.

It’s important to note: Hackers don’t necessarily progress along the CKC in a strictly linear fashion. Sophisticated threat actors will go back to earlier steps to conduct additional reconnaissance.

Stopping Hackers In Their Tracks

Fortunately, there are steps organizations can take to defeat a hacker at any link in the CKC.

  1. Reconnaissance: Use methods such as penetration testing to identify your organization’s vulnerabilities.
  2. Weaponization: Understand the current threat environment by keeping your threat awareness up to date.
  3. Delivery: Deny threat actors access to your environment via firewalls, payload inspection systems and other security technologies.
  4. Exploitation: Monitor your network. Use network, host and server technologies to detect threats and deny access to your environment.
  5. Installation: Utilize host-specific methods to detect the installation of malicious threats.
  6. Command and control: Use network monitoring tools that can detect threat actors’ attempts to access compromised assets from outside of the network.
  7. Action on targets: Prevent the actor from carrying out the core mission with technologies that can identify unauthorized activities, such as next-generation firewalls and intrusion prevention systems.
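
One way to put the stage-by-stage view to work in monitoring is to tag each alert with the CKC step it belongs to and summarize per asset. The Python below is an added example, not part of the original post; the alert names, asset names and sample alerts are constructed, and the alert-to-stage mapping is an assumption.

```python
from collections import defaultdict
# The seven stages, in the order the article lists them.
STAGES = ["reconnaissance", "weaponization", "delivery", "exploitation",
          "installation", "command_and_control", "action_on_targets"]

# Hypothetical alert names, each mapped to the stage whose control raises it.
# Nothing maps to weaponization: it happens on the actor's side.
ALERT_STAGE = {
    "external_port_scan": "reconnaissance",
    "internal_host_sweep": "reconnaissance",
    "phishing_mail_delivered": "delivery",
    "ips_exploit_signature": "exploitation",
    "new_autorun_entry": "installation",
    "beacon_to_rare_domain": "command_and_control",
    "bulk_upload_to_external_host": "action_on_targets",
}

# Constructed sample alerts: (ISO timestamp, asset, alert name).
SAMPLE_ALERTS = [
    ("2017-08-01T08:00", "web-01", "external_port_scan"),
    ("2017-08-01T09:05", "ws-014", "phishing_mail_delivered"),
    ("2017-08-01T09:20", "ws-014", "ips_exploit_signature"),
    ("2017-08-01T09:25", "ws-014", "new_autorun_entry"),
    ("2017-08-01T10:00", "ws-014", "beacon_to_rare_domain"),
    ("2017-08-01T10:30", "ws-014", "internal_host_sweep"),
    ("2017-08-01T11:00", "db-02", "bulk_upload_to_external_host"),
    ("2017-08-01T11:05", "db-02", "av_heartbeat"),  # not in the mapping
]

def triage(alerts):
    """Return (per-asset summaries, deepest stage first; unmapped alerts)."""
    per_asset, unmapped = defaultdict(list), []
    for ts, asset, name in sorted(alerts):
        if name in ALERT_STAGE:
            per_asset[asset].append(STAGES.index(ALERT_STAGE[name]))
        else:
            unmapped.append((ts, asset, name))  # surface, never drop silently
    report = []
    for asset, seq in per_asset.items():
        deepest = max(seq)
        # Non-linear progression: an earlier stage seen again after a later one.
        revisits = sum(1 for prev, cur in zip(seq, seq[1:]) if cur < prev)
        # Earlier stages with no alert at all are possible detection gaps.
        gaps = [STAGES[i] for i in range(deepest)
                if i not in seq and STAGES[i] != "weaponization"]
        report.append({"asset": asset, "deepest": STAGES[deepest],
                       "revisits": revisits, "gaps": gaps})
    report.sort(key=lambda r: STAGES.index(r["deepest"]), reverse=True)
    return report, unmapped
```

In the sample data, db-02 sorts first because it shows action on targets with no alert from any earlier step, and ws-014 shows one return to reconnaissance after command and control.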
