208k views
3 votes
Take the example of an actual rootkit that enters the system through user space, identifying the seven steps of the cyber kill chain. Propose a step that would make it even more comprehensive.

1 Answer

4 votes

Answer:

Installation will make it more comprehensive.

Explanation: The seven steps of the cyber kill chain are:

1. Reconnaissance

Using regular external scanners (Internet scanning, external penetration testing) helps to understand the network's components and highlights what hackers would find if the organization's network were a target.

In the case of Target, it is not known how the attackers performed reconnaissance, but a simple Internet search provides Target's supplier portal, how suppliers interact with the company, and a list of HVAC and refrigeration companies.

In this case the hacker identifies the IP addresses of PCs or other digital devices and their vulnerabilities.

2. Weaponization

Hackers installed Citadel malware at Target's HVAC vendor using a phishing email or by delivering a file through other methods. They prepared a web-based backdoor, a malicious script that allowed them to upload files and take total control of the computer or other devices. This method of attack uploads a file and uses the web application as a door for penetrating an organization.

3. Delivery

The vendor's stolen credentials enabled access to Target's web applications, and it starts its work.

4. Exploitation

On Target's web application for vendors, hackers exploited a web application vulnerability. Leveraging the vulnerability, hackers were able to upload a PHP file. The hacker will start to explore your device and get information.

5. Installation

After running the malicious code, hackers were able to identify a specific target in the company's internal network: the server that contains all the data on active members. They install tools on your server that will continuously send data to their computers.

6. Command & Control

Attackers sought to gain Domain Admin privileges and, once they did, created a new admin account and accessed everything.

7. Exfiltration

Hackers sent credit card data from POS machines to a central repository within Target's network. The malware then copied its local file to a remote share and sent the stolen data via FTP, and then removed log files to clear their (digital) footprints.

Installation is the step that will make things more comprehensive and understandable, because once it is done your device is no longer in your hands. Hackers can remotely access your device at any time, get information, and clear log files too for their safety.

by User Avinash (4.2k points)
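As an added example, not part of the answer above or of the original page, the following Python script shows how a defender can put the kill chain to work: each of the indicators the answer lists (scanner traffic, a vendor login with stolen credentials, a PHP upload to the vendor portal, a newly installed service, a Domain Admins membership change, outbound FTP, and cleared logs) becomes a detection rule tagged with the phase it evidences, and the script reports which phases were observed and the earliest phase at which the chain could have been cut. The log schema, field names, regexes, hostnames, IP addresses and sample log lines are all constructed for this example; map the patterns onto your own telemetry.

```python
import re
from collections import Counter

# The seven phases, in chain order, as listed in the answer above.
PHASES = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command & Control", "Exfiltration",
]

# Detection rules as (phase, regex) pairs over a key=value log schema.
# The schema and patterns are assumptions for this example, not a real product's.
# Weaponization happens on the attacker's side (and at the vendor), so there is
# no victim-side rule for it here.
RULES = [
    # Scanner user agents are the cheapest reconnaissance signal to spot.
    ("Reconnaissance", re.compile(r"user_agent=.*(nmap|masscan|nikto)", re.I)),
    # A vendor account logging in successfully from outside: stolen credentials in use.
    ("Delivery", re.compile(r"event=login account=vendor_\S+ result=success from=external")),
    # The vendor portal's upload endpoint accepting a PHP file.
    ("Exploitation", re.compile(r"method=POST path=\S*upload\S* file=\S+\.php status=20[01]")),
    # A new service or scheduled task gives the attacker persistence on the host.
    ("Installation", re.compile(r"event=(service_installed|scheduled_task_created)")),
    # Membership added to Domain Admins: the new admin account the answer describes.
    ("Command & Control", re.compile(r'event=group_member_added group="?Domain Admins')),
    # Outbound FTP from an internal host, and the cleanup that follows it.
    ("Exfiltration", re.compile(r"event=netflow .*dst_port=21\b")),
    ("Exfiltration", re.compile(r"event=log_cleared")),
]

# Constructed sample log lines (not real data); the last line is benign.
SAMPLE_LOGS = [
    "2024-01-05T08:12:00 src=203.0.113.7 event=http method=GET path=/ status=200 user_agent=Mozilla/5.0 (compatible; Nmap Scripting Engine)",
    "2024-01-06T21:40:11 src=198.51.100.9 event=login account=vendor_hvac result=success from=external",
    "2024-01-06T21:44:53 src=198.51.100.9 event=http method=POST path=/vendor/upload file=report.php status=200",
    "2024-01-06T21:50:02 host=web01 event=service_installed name=WinUpdSvc path=C:\\Windows\\Temp\\svc.exe",
    '2024-01-07T02:15:30 host=dc01 event=group_member_added group="Domain Admins" member=svc_backup2',
    "2024-01-08T03:00:45 host=pos-agg01 event=netflow dst=203.0.113.55 dst_port=21 bytes=18302914",
    "2024-01-08T03:05:12 host=pos-agg01 event=log_cleared log=Security",
    "2024-01-08T09:00:00 host=web01 event=http method=GET path=/vendor/invoices status=200",
]


def classify(line):
    """Return the kill-chain phase a log line evidences, or None if no rule fires."""
    for phase, pattern in RULES:
        if pattern.search(line):
            return phase
    return None


def phase_counts(lines):
    """Count matching lines per phase (phases with no hits are absent)."""
    return Counter(p for p in map(classify, lines) if p is not None)


def phases_observed(lines):
    """Distinct phases with at least one detection, in kill-chain order."""
    seen = set(phase_counts(lines))
    return [p for p in PHASES if p in seen]


def earliest_cut_point(lines):
    """Earliest observed phase: blocking the attacker there would have prevented
    every later phase from running on the network. None if nothing was detected."""
    observed = phases_observed(lines)
    return observed[0] if observed else None


if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        print(f"{str(classify(line)):18} {line[:70]}")
    print("phases observed:", phases_observed(SAMPLE_LOGS))
    print("earliest cut point:", earliest_cut_point(SAMPLE_LOGS))
```

Run it over the first rule-matching lines of your own logs to see how early in the chain your current telemetry would have given you a chance to intervene; every phase missing from the output is a gap in coverage rather than proof the attacker skipped it.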