How Enterprises Can Break the Cyber-Attack Lifecycle | eWeek

How Enterprises Can Break the Cyber-Attack Lifecycle

Cyber-attacks
Jul 8, 2015
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


How Enterprises Can Break the Cyber-Attack Lifecycle

1 - How Enterprises Can Break the Cyber-Attack Lifecycle

by Chris Preimesberger


Breaking the Cyber-Attack Lifecycle

2 - Breaking the Cyber-Attack Lifecycle

Cybercrime is an estimated $1 trillion industry. Every organization with digital assets is vulnerable to attack, and the growing sophistication of cyber-criminals and their evolving tactics only increase the chance of a security breach involving the theft of sensitive data. Effective cyber-defense must withstand changes to adversaries’ tactics and tools that traditional, nonintegrated best-of-breed legacy approaches cannot address.


How Cyber-Criminals Operate

3 - How Cyber-Criminals Operate

The Cyber Attack Lifecycle is a sequence of events that an attacker goes through to successfully infiltrate a network and exfiltrate data from it. The good news is that blocking just one stage in this lifecycle can be all that is needed to protect a company’s network and data from attack. That’s why it’s important to keep a prevention-based approach in mind and not operate as though detection is your best defense. SUMM: Focus on prevention above detection.


Advertisement

Cyber-Attack Lifecycle Stage 1: Reconnaissance

4 - Cyber-Attack Lifecycle Stage 1: Reconnaissance

Just like burglars and thieves, most attackers carefully plan their attacks. They research, identify and select targets, often using phishing tactics or extracting public information from an employee’s LinkedIn profile or corporate Websites. These criminals also scan for network vulnerabilities and services or applications they can exploit.


Cyber-Attack Lifecycle Stage 2: Weaponization and Delivery

5 - Cyber-Attack Lifecycle Stage 2: Weaponization and Delivery

Next, the attackers determine which methods to use. They may choose to embed intruder code within seemingly innocuous files like a PDF, Word document or email message. Or, for highly targeted attacks, attackers may craft deliverables to catch specific interests of an individual.


Cyber-Attack Lifecycle Stage 3: Exploitation

6 - Cyber-Attack Lifecycle Stage 3: Exploitation

Once attackers gain access inside an organization, they can activate attack code on the victim’s host and ultimately take control of the target machine.


Cyber-Attack Lifecycle Stage 4: Installation

7 - Cyber-Attack Lifecycle Stage 4: Installation

Attackers will seek to establish privileged operations, root kit, escalate privileges and establish persistence to gain a foothold.


Cyber-Attack Lifecycle Stage 5: Command and Control

8 - Cyber-Attack Lifecycle Stage 5: Command and Control

Attackers establish a command channel back through the Internet to a specific server so they can communicate and pass data back and forth between infected devices and their server. This may allow attackers to track keystrokes, access and control a Webcam or transmit important access information back to the attacker for further penetration efforts.


Advertisement

Cyber-Attack Lifecycle Stage 6: Actions on the Objective

9 - Cyber-Attack Lifecycle Stage 6: Actions on the Objective

Attackers may have many different motivations for attack, and it’s not always for profit. Their reasons could be data exfiltration, destruction of critical infrastructure, defacement of Web property or to create fear/extortion.


Prevention-Based Approach Is Necessary

10 - Prevention-Based Approach Is Necessary

Enterprises need a prevention-based approach, one that is automated and allows them to remain agile in the face of advanced attacks plus provides a unique ability to defend against cyber-criminals. Companies should look for a solution that protects every part of the global enterprise network, addressing vulnerabilities and malware arriving at the endpoint, mobile device, network perimeter and within the data center. This provides new defense and resilience to prevent attackers at every stage of the Cyber-Attack Lifecycle.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.