Security and Resilience (Cyber and Physical)

Anatomy of an attack


infographic of 6 stages of a cyber attack

Anatomy of a cyber attack

  1. Reconnaissance – The threat actor uses the internet, social media, or other tools to discover likely courses of attack.
  2. Weaponization – Code and other tactics, techniques, and procedures are found or developed to exploit the target’s vulnerabilities.
  3. Delivery – Weaponized code is transmitted to the target.
  4. Exploitation and Installation – The attacker uses the tactics, techniques and procedures in the delivered code to dismantle or work around internal controls in the target to avoid detection.
  5. Command and Control – The attacker gained a form of control or remote access. This may include screen capture, malware execution, or spawning new virtual operating system environments.
  6. Execution – The objective of the attack is achieved. This can include extraction or destruction of IT and OT assets, installation of ransomware, IP theft, or other actions.

Remediation – If the attack is detected early enough and the incident response plan is successful, a course of action will be put in place to correct the problem. Starting as early as the delivery stage, indicators may signal that an attack campaign is underway.