How Enterprises Can Break the Cyber-Attack Lifecycle

1 - How Enterprises Can Break the Cyber-Attack Lifecycle
2 - Breaking the Cyber-Attack Lifecycle
3 - How Cyber-Criminals Operate
4 - Cyber-Attack Lifecycle Stage 1: Reconnaissance
5 - Cyber-Attack Lifecycle Stage 2: Weaponization and Delivery
6 - Cyber-Attack Lifecycle Stage 3: Exploitation
7 - Cyber-Attack Lifecycle Stage 4: Installation
8 - Cyber-Attack Lifecycle Stage 5: Command and Control
9 - Cyber-Attack Lifecycle Stage 6: Actions on the Objective
10 - Prevention-Based Approach Is Necessary
1 of 10

How Enterprises Can Break the Cyber-Attack Lifecycle

by Chris Preimesberger

2 of 10

Breaking the Cyber-Attack Lifecycle

Cybercrime is an estimated $1 trillion industry. Every organization with digital assets is vulnerable to attack, and the growing sophistication of cyber-criminals and their evolving tactics only increase the chance of a security breach involving the theft of sensitive data. Effective cyber-defense must withstand changes to adversaries' tactics and tools that traditional, nonintegrated best-of-breed legacy approaches cannot address.

3 of 10

How Cyber-Criminals Operate

The Cyber Attack Lifecycle is a sequence of events that an attacker goes through to successfully infiltrate a network and exfiltrate data from it. The good news is that blocking just one stage in this lifecycle can be all that is needed to protect a company's network and data from attack. That's why it's important to keep a prevention-based approach in mind and not operate as though detection is your best defense. SUMM: Focus on prevention above detection.

4 of 10

Cyber-Attack Lifecycle Stage 1: Reconnaissance

Just like burglars and thieves, most attackers carefully plan their attacks. They research, identify and select targets, often using phishing tactics or extracting public information from an employee's LinkedIn profile or corporate Websites. These criminals also scan for network vulnerabilities and services or applications they can exploit.

5 of 10

Cyber-Attack Lifecycle Stage 2: Weaponization and Delivery

Next, the attackers determine which methods to use. They may choose to embed intruder code within seemingly innocuous files like a PDF, Word document or email message. Or, for highly targeted attacks, attackers may craft deliverables to catch specific interests of an individual.

6 of 10

Cyber-Attack Lifecycle Stage 3: Exploitation

Once attackers gain access inside an organization, they can activate attack code on the victim's host and ultimately take control of the target machine.

7 of 10

Cyber-Attack Lifecycle Stage 4: Installation

Attackers will seek to establish privileged operations, root kit, escalate privileges and establish persistence to gain a foothold.

8 of 10

Cyber-Attack Lifecycle Stage 5: Command and Control

Attackers establish a command channel back through the Internet to a specific server so they can communicate and pass data back and forth between infected devices and their server. This may allow attackers to track keystrokes, access and control a Webcam or transmit important access information back to the attacker for further penetration efforts.

9 of 10

Cyber-Attack Lifecycle Stage 6: Actions on the Objective

Attackers may have many different motivations for attack, and it's not always for profit. Their reasons could be data exfiltration, destruction of critical infrastructure, defacement of Web property or to create fear/extortion.

10 of 10

Prevention-Based Approach Is Necessary

Enterprises need a prevention-based approach, one that is automated and allows them to remain agile in the face of advanced attacks plus provides a unique ability to defend against cyber-criminals. Companies should look for a solution that protects every part of the global enterprise network, addressing vulnerabilities and malware arriving at the endpoint, mobile device, network perimeter and within the data center. This provides new defense and resilience to prevent attackers at every stage of the Cyber-Attack Lifecycle.

Top White Papers and Webcasts