Explore chapters and articles related to this topic
Profiles of Cyber-Attackers and Attacks
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Dimitrios Kavallieros, Georgios Germanos, Nicholas Kolokotronis
The stages of an attack can be generally described by the term “kill chain.” Across the cyber-sector, the “cyber-kill chain” has been proposed by Lockheed Martin. In this concept, the actions of an attacker who wants to accomplish his objective are described. The actions are separated in seven different stages. Despite the fact that the model applies better to “nation-state” activity—meaning cyber-war among states—it could also describe any sort of malicious cyber-behavior. Prevention and remediation activities can be applied, according to the findings of the Cyber-Kill Chain. When someone understands how attacks take place, the attacker's tactics, techniques, and procedures, as well as his skills and abilities, the person is able to design the appropriate preventive measures [37]. The seven steps of the cyber-kill chain are illustrated in Figure 1.11 and are further detailed below.
Cybersecurity Incident Response in the Enterprise
Published in Mohiuddin Ahmed, Nour Moustafa, Abu Barkat, Paul Haskell-Dowland, Next-Generation Enterprise Security and Governance, 2022
Nickson M. Karie, Leslie F. Sikos
The Lockheed Martin Cyber Kill Chain [12], sometimes referred to as the Cyber Attack Chain, was developed by Lockheed Martin to help in the identification and prevention of cyber-intrusion activities. The Cyber Kill Chain framework specifies the path or all the steps that an adversary must take to penetrate systems and achieve their objectives on the target. It can also be used as a model to develop incident response and analysis capabilities. Figure 4.1 shows the seven steps of the Cyber Kill Chain: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, and Actions on Objectives. Each of these steps is briefly explained in the sub-sections below.
The Emerging Threat of Ai-driven Cyber Attacks: A Review
Published in Applied Artificial Intelligence, 2022
Blessing Guembe, Ambrose Azeta, Sanjay Misra, Victor Chukwudi Osamor, Luis Fernandez-Sanz, Vera Pospelova
Cybercriminals are constantly changing and improving their attack efficiency, emphasizing the use of AI-driven techniques in the attack process. This study investigates the offensive capabilities of AI, allowing attackers to initiate attacks on a larger scale, with a broader scope, and at a faster pace. This study reviewed existing literature on AI-driven cyberattacks, the improper use of AI in cyberspace, and the negative impact of AI-driven cyberattacks. The findings show that 56% of the AI-Driven cyberattack techniques identified were demonstrated in the access and penetration stage of the modified cybersecurity kill chain, 12% in the exploitation and C2 stage, 11% in the reconnaissance, and 9% in the delivery stage. CNN has the most appearances (five) among the AI techniques used by the selected authors to demonstrate access and penetration attacks. This study determined the status of existing AI-driven cyberattack research because 63% of current studies were based on implementation and evaluation, 25% on the proposed framework, and 12% on implementing AI techniques to execute AI-driven attacks. The findings show that traditional cybersecurity techniques’ inability to detect and mitigate AI-driven attacks is directly related to their inability to cope with the speed, complex decision logic, and multiple variant nature of AI-driven attacks. With the emergence of these sophisticated attacks, organizations and security teams must quickly reform their strategies, be prepared to defend their digital assets with AI, and regain the advantage over this new wave of sophisticated attacks.