Knowing the Kill Chain can stop Cyber Attacks.
I saw this news flash a few minutes ago. In my earlier blog on April 13, 2018, (Closer than Cuban Missile Crisis https://wp.me/p7XEWW-13s), I mentioned that Russia will attack, covertly though and here we are. Russia accused of global net hack attacks.
This is not a bluster, nor is it a war mongering. It is actually happening and will continue to be seen sporadically with increasing frequency. IT security pretty much mimics physical espionage and spying. In olden days (and even now) they have moles that infiltrated the enemy. The model remains same, except that a malware is installed in place of a mole. That malware observes and reports all the activities on the enterprise or in the case of a state, the critical ecosystem.
A single malware is not enough. Often, multiple agents are installed, constantly listening, watching and gathering the flow of information within the ecosystem wherein, those are installed. They communicate with each other rather notoriously and covertly, unbeckoned by the system monitoring. These are well known tactics in cybersecurity, called as Reconnaissance. In fact, Lockheed Martin has seven step frameworks, called ‘Kill Chain’ to identify and mitigate those attacks (also called as Advanced Persistent Threat or APT in short. After Target and Sony hack, industry is fast moving towards mitigating those attacks.
What started as an individual prank is not outgrown to become state army. Often, certain countries are considered to have state sponsored hacking. Most cited examples are China, Russia, North Korea and Iran. However, others such as UK, who recently attacked ISIS, are not lagging behind.
It is interesting to understand and unravel how the future wars are likely to play out. However, suffice it to say, use your electronic gadgets or anything connected wirelessly or wired, with all industry supported best standards. Maybe, you may fall victim and serve as an entry point to those intruders. Avoid being a victim. Protect your nation.