Hello Readers! Today I am giving you an overview of cybersecurity fundamentals from the attacker's perspective: how an attacker carries out a successful cyberattack.
Here I give short notes that are easy to remember. You can easily find longer descriptions on the internet, but these notes are meant to be quick to memorize.
Let's get started.
Cyberattack Cycle
- Attacker's Perspective
Attack Cycle:
- Derived from a military model
- By Lockheed Martin
- Industry-accepted methodology
Steps:
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and Control
- Action on Objectives (Exfiltration)
Reconnaissance
Performing Reconnaissance:
- Information Gathering
- Passive Reconnaissance
- Active Reconnaissance
Information Gathering:
- To gather information about victims or targets
- E.g. open ports, services, systems, etc.
Passive Reconnaissance:
- To gather information without directly interacting with the target
- It looks like a normal flow of traffic.
Active Reconnaissance:
- To gather information about the target by actually sending packets to it.
- Directly Interacting with the target.
Weaponization and Delivery
- Exploitation
- CVE
- Creativity
Exploitation:
- It is a sequence of commands that takes advantage of vulnerabilities.
- Causes unintended behavior of software or hardware.
CVE:
- Common Vulnerabilities and Exposures
- This system is a list of standardized names for vulnerabilities and other information security exposures.
Creativity:
- Be creative like hackers
- Use multiple attack vectors
- Write your own code
- Build tools for exploitation
Exploitation And Installation
- Privilege Escalation
- Installation
Privilege Escalation:
- Attackers take advantage of programming errors or vulnerabilities that lie in design flaws of an application or software.
Installation:
- Here access has already been granted.
- More advanced tools or techniques are needed to continue the process of controlling systems.
Command And Control
- Persistence
- Backdoor
- Listener
Persistence:
- The act of creating an easy way to get back in.
- Means there is no need to hack again and again to gain access.
- E.g. backdoors, listeners
Backdoor:
- It's a security breach.
- Allows access to classified data without authentication.
Listener:
- It is a service awaiting a connection from the victim's system.
- If it is active, hackers get access again.
Action on Objectives (Exfiltration)
- Data Exfiltration
- Denial of Service
- Destruction
Data Exfiltration:
- Stealing valuable information.
- E.g. databases, users' sensitive information
Denial of Service:
- Attackers make a machine or network resource unavailable.
- Prevents its functionality and disrupts the usage of resources.
Destruction:
- Damage to specific organizations.
- Loss of information, money and time spent restoring systems.
Thanks for reading, I hope you liked this blog.
Happy Learning!!!