How do Data Breaches Occur? Examining Lockheed Martin’s Cyber Kill Chain
Data breaches are incidents where data is taken without permission; they occur when an unauthorized program or individual accesses a network. It is worth emphasizing that malicious cybercriminals don’t conduct data breaches overnight. Rather, many (but not all) cyberattacks unfold in seven important steps, following a path known as Lockheed Martin’s Cyber Kill Chain. As visualized in the picture above, this chain consists of:
Reconnaissance: Conducting research and selecting targets
Weaponization: Packaging malware into a deliverable payload
Delivery: Transmitting weapons to target
Exploitation: Triggering weapon’s code, exploiting target’s applications
Installation: Installing a backdoor on target’s system, providing persistent access
Command and control: Providing “hands on keyboard access” inside target’s system
Actions on objectives: Achieving the objective of the cyberattack
Learn more about this chain on Lockheed Martin’s website.
Don’t worry if you don’t understand some of these words. The main idea of this chain is that data breaches take a lot of time to occur: cybercriminals go through many steps to gain unauthorized access to data and a system.
Even though defenders have a window of time to act between when malicious actors attack and when damage settles in, the important thing to take away is that detecting and preventing data breaches BEFORE they occur is our goal. The most important aspect we as users have control over in the cybersecurity realm is implementing simple but powerful cyberattack prevention strategies. Through the cybersecure actions suggested in our Cybersecurity course, citizens can protect their data and prevent any harm caused by cyberthreats.
Stay secure,
Tiffany Tu