
Cyber Kill Chain vs. MITRE ATT&CK® Framework

Updated: Nov 23, 2023

I will try to explain this in the easiest way.

The Cyber Kill Chain and the MITRE ATT&CK® Framework stand as fundamental models for analyzing cyber threats, each offering a unique perspective and its own insights into how attacks unfold.


Cyber Kill Chain:

Origin and Purpose:

Developed by Lockheed Martin, the Cyber Kill Chain offers a breakdown of a cyber attack, mapping out the stages from an attacker's viewpoint.


Focus and Application: It aids security teams in understanding the flow of an attack, potentially allowing for proactive defense strategies at various stages.


MITRE ATT&CK® Framework:

Origin and Purpose:

Created by the MITRE Corporation, ATT&CK catalogs the tactics, techniques, and procedures (TTPs) used by adversaries during the different stages of an attack.


Tactics and Techniques: This framework delineates various behaviors and procedures followed by attackers across multiple stages of an attack. It assists defenders in understanding adversary behavior more comprehensively.


Comparison:

  • Cyber Kill Chain: Focuses on attack stages, aiding in understanding the attack lifecycle.

  • MITRE ATT&CK® Framework: Provides an extensive library of real-world adversary behaviors and tactics employed within those stages.


Cyber Kill Chain:

Understanding the Attacker's Game Plan

Imagine you're playing a game where the bad guys are trying to break into your house. The Cyber Kill Chain is like a playbook that shows how these intruders plan their moves. It breaks down their strategy into steps:


Step 1: (Reconnaissance): Attackers gather info about your house (or network) using Google Maps (or online tools) to find weak points.

Step 2: (Weaponization): They gather tools like crowbars (or malware) to break in.

Step 3: (Delivery): They send a package (or email) with something sneaky hidden inside.

Step 4: (Exploitation): Using their tools, they break open your back door (or exploit system vulnerabilities).

Step 5: (Installation): Once inside, they settle down and make sure they can come back later.

Step 6: (Command and Control): They call their buddies (or set up secret communication channels) to coordinate their next moves.

Step 7: (Actions on Objectives): Finally, they grab what they came for, like your TV (or your valuable data).


MITRE ATT&CK® Framework:

Understanding the Sneaky Tactics

Now, think of the MITRE ATT&CK® Framework like a secret spy manual that explains all the sneaky tricks attackers might use while they're in your house:


Trick 1: (Persistence): Attackers might hide spare keys outside (ways to stick around in your network).

Trick 2: (Evasion): They might use tricks to hide from your security cameras (avoid getting caught by antivirus).

Trick 3: (Privilege Escalation): They could mess with your locks to gain more access inside your house (or get more control over your computer system).


Akash Patel
