What is the Kill Chain?
The Kill Chain is the cybercrime thriller from Scotland’s newest writer, GJ Scobie, published by Darkstroke publishing in the summer of 2022. This blog post is one in a series called Facts behind the Fiction, in which I take an aspect of the plot and provide factual background material, giving an insight into the real world of cyber security and those who work tirelessly to defend our networks and data.
So, what is the Kill Chain?
The title of the novel has been taken from a seven-step model developed by Lockheed Martin, which outlines what a cyber criminal must do in order to achieve their objectives when carrying out a cyber attack. Each step in the model provides visibility into an attack and helps to give us an understanding of the tactics, techniques, and procedures the attackers use.
Essentially, a cyber attack can be mapped against the Kill Chain. The model assists our analysis of how the attack progressed and helps us to identify where the attackers gained an advantage over our defences.
The seven steps are as follows:
Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, Actions on Objectives.
The model helps to identify where defensive strategies can be deployed. The earlier an intervention can be made in the model, the better the chances are of stopping the attack from completing its objectives.
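To illustrate the mapping described above, here is an added example (not from the original post or from Lockheed Martin): a short Python review of a constructed incident timeline that reports the earliest stage at which a defence fired, the stages the attack passed through before that, and the stages that left no recorded evidence. The event format, the `review` function and the sample timeline are assumptions made for the illustration.

```python
from datetime import datetime

# The seven stages named in this post, in model order.
STAGES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command & Control", "Actions on Objectives"]

# Constructed incident timeline (not from a real case):
# (timestamp, stage, what was observed, did a control detect or block it?)
TIMELINE = [
    ("2022-06-03T14:52", "Exploitation", "macro spawned a script host", False),
    ("2022-06-01T09:12", "Reconnaissance", "port scan of mail gateway", False),
    ("2022-06-03T14:40", "Delivery", "phishing email with attachment", False),
    ("2022-06-03T14:55", "Installation", "new scheduled task created", True),
    ("2022-06-03T15:10", "Command & Control", "beacon to unknown domain", True),
]

def review(timeline):
    """Map events to stages and report where the defence first intervened."""
    events = sorted(timeline, key=lambda e: datetime.fromisoformat(e[0]))
    seen, detected = set(), set()
    for _, stage, _, caught in events:
        if stage not in STAGES:
            raise ValueError(f"unknown stage: {stage!r}")
        seen.add(stage)
        if caught:
            detected.add(stage)
    # Earliest stage, in model order, at which any control fired.
    first = next((s for s in STAGES if s in detected), None)
    cutoff = STAGES.index(first) if first else len(STAGES)
    # Furthest stage the attack is known to have reached.
    furthest = max((STAGES.index(s) for s in seen), default=-1)
    return {
        "first_detection": first,
        # Stages the attack passed through before anything fired.
        "undetected_before": [s for s in STAGES[:cutoff] if s in seen],
        # Stages up to the furthest one reached that left no evidence at all.
        "no_telemetry": [s for s in STAGES[:furthest + 1] if s not in seen],
    }

if __name__ == "__main__":
    for key, value in review(TIMELINE).items():
        print(f"{key}: {value}")
```

In this constructed timeline the first detection comes at Installation, so the review points at Delivery and Exploitation as the earlier stages where a control could have stopped the attack sooner.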
In the novel, Jacob reflects on this model, and on how the cyber attack has followed each of the stages.
For further details and a useful infographic of the seven-step model, please visit the Lockheed Martin website.
Next time, Killer USB sticks.