Cyberattack

A cyberattack is an unauthorized, usually covert, attempt to access, disrupt, alter or misuse an information system or the data it holds.

One of the simplest attacks is email spoofing, in which the sender address of a message is forged. A notorious kind of attack is website defacement. A common way to make money by hacking is click fraud. Ransomware is an example of an expensive attack. An authorized, scoped simulation of a cyberattack is called a penetration test.
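Email spoofing works because the From: header is free text that any sender can fill in. The example below is added here and is not part of the Wikibooks page: it runs two constructed messages (not real traffic) through a naive check that only looks for "spf=pass" and "dkim=pass", and then through a DMARC-style alignment check that compares the authenticated domains with the From: domain. The spoofed message passes the naive check and fails alignment. The organizational-domain helper is a simplification (last two labels) standing in for the Public Suffix List that real DMARC evaluators use.

```python
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr

# Constructed sample messages for this example (not real traffic).
# SPOOFED: From: claims bank.example, but SPF and DKIM were evaluated for an
# unrelated attacker-controlled domain, so both "pass" yet neither aligns.
SPOOFED = """\
Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=mail-relay.example.net;
 dkim=pass header.d=mail-relay.example.net
From: "Example Bank Alerts" <alerts@bank.example>
To: victim@example.org
Subject: Urgent: verify your account

Please confirm your credentials at the link below.
"""

# LEGIT: envelope sender is a subdomain of the From: domain, DKIM d= matches it.
LEGIT = """\
Return-Path: <bounce@notify.bank.example>
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=notify.bank.example;
 dkim=pass header.d=bank.example
From: "Example Bank Alerts" <alerts@bank.example>
To: customer@example.org
Subject: Your monthly statement is ready

Your statement for this month is available in online banking.
"""


def _from_domain(msg) -> str:
    """Domain of the RFC 5322 From: address, the identifier DMARC protects."""
    _name, addr = parseaddr(str(msg["From"]))
    return addr.rpartition("@")[2].lower()


def _auth_results(msg) -> dict:
    """Pull SPF/DKIM verdicts and the domains they were evaluated for."""
    ar = str(msg.get("Authentication-Results", ""))
    spf = re.search(r"\bspf=(\w+)", ar)
    spf_dom = re.search(r"smtp\.mailfrom=(?:[^@;\s]*@)?([^;\s]+)", ar)
    dkim = re.search(r"\bdkim=(\w+)", ar)
    dkim_dom = re.search(r"header\.d=([^;\s]+)", ar)
    return {
        "spf": spf.group(1).lower() if spf else None,
        "spf_domain": spf_dom.group(1).lower() if spf_dom else "",
        "dkim": dkim.group(1).lower() if dkim else None,
        "dkim_domain": dkim_dom.group(1).lower() if dkim_dom else "",
    }


def _org_domain(domain: str) -> str:
    """Simplified organizational domain: last two labels (real DMARC uses the
    Public Suffix List, so this is wrong for suffixes such as co.uk)."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def _aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    if not auth_domain or not from_domain:
        return False
    if mode == "strict":
        return auth_domain == from_domain
    return _org_domain(auth_domain) == _org_domain(from_domain)


def naive_pass(raw: str) -> bool:
    """What a careless filter does: trust any spf=pass or dkim=pass."""
    ar = _auth_results(message_from_string(raw, policy=default))
    return ar["spf"] == "pass" or ar["dkim"] == "pass"


def dmarc_alignment(raw: str, mode: str = "relaxed") -> dict:
    """DMARC-style verdict: a pass only counts if its domain aligns with From:."""
    msg = message_from_string(raw, policy=default)
    from_dom = _from_domain(msg)
    ar = _auth_results(msg)
    spf_ok = ar["spf"] == "pass" and _aligned(ar["spf_domain"], from_dom, mode)
    dkim_ok = ar["dkim"] == "pass" and _aligned(ar["dkim_domain"], from_dom, mode)
    return {
        "from_domain": from_dom,
        "spf_aligned": spf_ok,
        "dkim_aligned": dkim_ok,
        "dmarc_pass": spf_ok or dkim_ok,
    }


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, "naive:", naive_pass(raw), "dmarc:", dmarc_alignment(raw))
```

Run as a script it prints both verdicts for each message; the spoofed one is accepted by `naive_pass` and rejected by `dmarc_alignment`. In production the Authentication-Results header must come from your own receiving MTA (and any copies injected by the sender must be stripped), otherwise the attacker simply forges that header too.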


General stages

Preparation

As a white hat hacker, obtain explicit written permission and an agreed scope before starting a penetration test, and follow the rules of ethical hacking. Then anticipate possible problems (for example, a test that crashes a production service) and prepare what is needed before it is too late. Black hat hackers, by contrast, typically start by setting up anonymous communication, for example through Onion routing.

Tools:

https://docs.rapid7.com/metasploit/installing-metasploit-pro
https://www.offensive-security.com/metasploit-unleashed/metasploit-fundamentals/


Reconnaissance

See Reconnaissance

Creative

Develop or adapt exploits for the vulnerabilities identified during reconnaissance.

Aggressive

See Penetration

Post exploitation

The unified kill chain [1]

1. Reconnaissance - Researching, identifying and selecting targets using active or passive reconnaissance.
2. Weaponization - Preparatory activities aimed at setting up the infrastructure required for the attack.
3. Delivery - Techniques resulting in the transmission of a weaponized object to the targeted environment.
4. Social engineering - Techniques aimed at the manipulation of people to perform unsafe actions.
5. Exploitation - Techniques to exploit vulnerabilities in systems that may, amongst others, result in code execution.
6. Persistence - Any access, action or change to a system that gives an attacker persistent presence on the system.
7. Defense evasion - Techniques an attacker may specifically use for evading detection or avoiding other defenses.
8. Command & control - Techniques that allow attackers to communicate with controlled systems within a target network.
9. Pivoting - Tunneling traffic through a controlled system to other systems that are not directly accessible.
10. Discovery - Techniques that allow an attacker to gain knowledge about a system and its network environment.
11. Privilege escalation - The result of techniques that provide an attacker with higher permissions on a system or network.
12. Execution - Techniques that result in execution of attacker-controlled code on a local or remote system.
13. Credential access - Techniques resulting in the access of, or control over, system, service or domain credentials.
14. Lateral movement - Techniques that enable an adversary to horizontally access and control other remote systems.
15. Collection - Techniques used to identify and gather data from a target network prior to exfiltration.
16. Exfiltration - Techniques that result or aid in an attacker removing data from a target network.
17. Impact - Techniques aimed at manipulating, interrupting or destroying the target system or data.
18. Objectives - Socio-technical objectives of an attack that are intended to achieve a strategic goal.

References

  1. Pols, Paul (May 17, 2021). "The Unified Kill Chain". UnifiedKillChain.com.

See also

List of cyberattacks
List of security hacking incidents
Known AES attacks

External links

https://www.wikihow.com/Hack
https://www.imperva.com/learn/
https://attack.mitre.org/ - adversary tactics and techniques (MITRE ATT&CK®)