The Need for an Updated Kill Chain

Type carbonblack
Reporter Katie DeMatteis
Modified 2019-09-08T16:00:16


**“Cyber Kill Chain”


The “Cyber Kill Chain”—created in 2011 by Lockheed Martin—was designed to be a model that “identifies what…adversaries must complete in order to achieve their objective.” This framework has been widely used through the cybersecurity world and informs prevention-heavy strategy. It describes the distinct phases of an attack and serves as a strong guide for defenders.

The sooner you disrupt attacker behavior in the chain, the better you can evolve your defenses and the harder it is for that attacker, or any other, in the future. If you stop a hacker in the weaponization phase, they won’t be able to complete their objective.



In 2018, the MITRE ATT&CK framework was introduced. This framework showed not only the phases of an attack, but also gave insight into the how and the why—this made it an important step in the evolution of how we look at and defend from attacks.

Evolving Criminals = Evolving Kill Chain

Cybercriminals are getting better and better at executing their attacks. And the number of criminals able to execute destructive attacks is in an upward spiral. There is an entire cybercrime economy filled with ever growing new talent—and with this talent comes an evolution of new strategies and new techniques.

To learn how to combat this evolution, check out our whitepaper, Cognitions of a Cybercriminal.

Download your copy of Cognitions of a Cybercriminal to learn more about the “Cognitive Attack Loop” and the steps you can take to gain better visibility into cybercriminal behavior within your systems.

Read Now

The post The Need for an Updated Kill Chain appeared first on Carbon Black.