Breaking the Cyber-Attack Lifecycle
Cybercrime is an estimated $1 trillion industry. Every organization with digital assets is vulnerable to attack, and the growing sophistication of cyber-criminals and their evolving tactics only increase the chance of a security breach involving the theft of sensitive data. Effective cyber-defense must withstand changes to adversaries’ tactics and tools that traditional, nonintegrated best-of-breed legacy approaches cannot address.
How Cyber-Criminals Operate
The Cyber-Attack Lifecycle is a sequence of events that an attacker goes through to successfully infiltrate a network and exfiltrate data from it. The good news is that blocking just one stage in this lifecycle can be all that is needed to protect a company’s network and data from attack. That’s why it’s important to keep a prevention-based approach in mind and not operate as though detection is your best defense. Summary: Focus on prevention above detection.
Cyber-Attack Lifecycle Stage 1: Reconnaissance
Just like burglars and thieves, most attackers carefully plan their attacks. They research, identify and select targets, often using phishing tactics or extracting public information from an employee’s LinkedIn profile or corporate Websites. These criminals also scan for network vulnerabilities and services or applications they can exploit.
Cyber-Attack Lifecycle Stage 2: Weaponization and Delivery
Cyber-Attack Lifecycle Stage 3: Exploitation
Cyber-Attack Lifecycle Stage 4: Installation
Cyber-Attack Lifecycle Stage 5: Command and Control
Attackers establish a command channel back through the Internet to a specific server so they can communicate and pass data back and forth between infected devices and their server. This may allow attackers to track keystrokes, access and control a Webcam or transmit important access information back to the attacker for further penetration efforts.
Cyber-Attack Lifecycle Stage 6: Actions on the Objective
Prevention-Based Approach Is Necessary
Enterprises need a prevention-based approach, one that is automated, allows them to remain agile in the face of advanced attacks, and provides a unique ability to defend against cyber-criminals. Companies should look for a solution that protects every part of the global enterprise network, addressing vulnerabilities and malware arriving at the endpoint, mobile device, network perimeter and within the data center. This provides new defense and resilience to stop attackers at every stage of the Cyber-Attack Lifecycle.