In cyber security, we define the steps that a hacker takes to gain control of your system/data as the cyber Kill Chain. The first step of the Kill Chain is known as Reconnaissance. That is when the hacker selects a target, like a particular company or person, researches it, and attempts to identify personal information and/or vulnerabilities about their network. The hacker will use the information gathered in Step 1 and move on to Step 2, Weaponization, and Step 3, Delivery, where the hacker will craft a very targeted spear phishing email(s) containing malicious code and send it to the target and sometimes to the target’s coworkers, friends and family as well. Once the target bites by clicking on a compromised link in the email, a Business Email Compromise (BEC) has started.
One of the fasted growing type of attacks today, a Business Email Compromise is when a hacker gathers information about a targeted company and crafts a very high-quality phishing email aimed at specific people in the organization utilizing information gather during their Reconnaissance. If just one of the targeted recipients clicks on the malicious email, the hacker will immediately gain access to the person’s computer, and this will allow them to move to the next step of the Kill Chain, which is Exploitation.
Large-scale hacks have become all too common. Hackers start gathering information online using the treasure trove of information shared on social media and other places on the internet. You might think you have nothing of value for a hacker to target you personally, but perhaps they are targeting the company you work for – and you and your colleagues may be their way in. This is why the recent revelation that 700 million LinkedIn users’ personal details were posted for sale earlier this month on the dark web is so concerning. It’s this type of information that a hacker can use to create very targeted spear phishing emails which they can send to you and your coworkers.
To mitigate and minimize the risk of a cyber security breach, we strongly encourage all users to undergo cyber security awareness training on a regular basis. This will help to familiarize everyone, from the receptionist to the CEO, with the most common types of attacks so they are better prepared when they see one. Cyber Security awareness training will teach you how to manage your social footprint better, identify and recognize phishing emails and protect you and company.
Frederic Farcy, President, TNTMAX
PS In case you’re wondering, the remaining steps in the Cyber Kill Chain are – Installation, Command & Control and Actions on Objective.