![intego mac internet security 2013 intego mac internet security 2013](https://www.intego.com/mac-security-blog/wp-content/uploads/2013/10/INTG_Duplicates_400x260.jpg)
Are names and contact details of your employees online? (Are you sure? Think social networks too, not just your own corporate website.) These could be used for social engineering purposes, say, for getting people to divulge usernames or passwords. What information the criminals can find about your company, and how it might be used, could surprise you.Ĭompanies often have more information available than they realize. Ideally, they would like a target that is relatively unguarded and with valuable data. From the outside, they try to find out what they can about your resources and your network to determine whether it is worth the effort. This is the stage where the criminals are trying to decide what are (and are not) good targets. Reconnaissance: Viewing Your Network From the Outside Let’s look at the various stages to determine what questions you should be asking yourself to decide whether it’s feasible for your organization. It’s not just something that applies to government contractors or giant corporations, though it does take quite a bit of work if you’re not already set up to gather a whole lot of data about your digital resources. Lockheed Martin recently released details of its own success using a kill chain tactic to stop someone who had intruded on its network. If you don’t stop the attack until it’s already in your network, you’ll have to fix those machines and do a whole lot of forensics work to find out what information they’ve made off with. You need to know when something is there that shouldn’t be, so you can set the alarms to thwart the attack.Īnother thing to keep in mind is the closer to the beginning of the chain you can stop an attack, the less costly and time-consuming the cleanup will be. Using the Cyber Kill Chain to keep attackers from stealthily entering your network requires quite a bit of intelligence and visibility into what’s happening in your network. In essence, it’s a lot like a stereotypical burglary – the thief will perform reconnaissance on a building before trying to infiltrate it, and then go through several more steps before actually making off with the loot. And likewise, they can be used for protection of an organization’s network. The Cyber kill chain is a similar idea, which was put forth by Lockheed Martin, where the phases of a targeted attack are described. The less information an attacker has, for instance, the less likely someone else can use that information to complete the attack at a later date. Ideally, the further towards the beginning of the Kill Chain an attack can be stopped, the better.
![intego mac internet security 2013 intego mac internet security 2013](https://www.macitynet.it/wp-content/uploads/2013/06/IntegoInternersecurityico.jpg)
In military parlance, a “Kill Chain” is a phase-based model to describe the stages of an attack, which also helps inform ways to prevent such attacks.