Introduction
The Cyber Kill Chain provides a broad outline of an intrusion as a component of the intelligence-driven defense model. With the emergence of the Internet, the world has witnessed the arrival of cybersecurity threats that jeopardize both individual and organizational databases. In response, cybersecurity experts have designed a range of solutions for the detection and mitigation of intrusions. The Cyber Kill Chain is a tool that was created by Lockheed Martin Company, a consortium specializing in manufacturing aerospace, artillery, security, and advanced technologies in the United States (Kiwia et al., 2018). The framework highlights seven significant steps involved in the identification and alleviation of risks associated with cybersecurity (Cho et al., 2018). This paper analyzes the seventh step, actions on objectives, in which the intruder, having gained persistent access, finally fulfills their purpose, and it proposes countermeasures for this activity.
Tools Required for Action on Objectives
“Action on Objectives” is the last stage in the Cyber Kill Chain. Once the attacker gains entry into a system, they complete their objectives. At this point, an organization’s skilled workforce of human sensors can vastly enhance the company’s ability to detect and effectively respond to an incident, massively improving the corporation’s resilience (Cho et al., 2018). Defenders need to detect this stage as quickly as possible and deploy tools that facilitate forensic evidence collection. For example, network packet captures can be used to aid in damage assessment (Mahdavifar & Ghorbani, 2019). Only at this point, after advancing through the first six stages, can attackers complete their initial objectives. Data exfiltration, for instance, aims to gather, encode, and extract information from the target’s environment. Other significant tools that can be used at this stage are endpoint security tools (Lezzi et al., 2018). For example, Bitdefender is an excellent choice for businesses that value identification of malware, performance, and full reinforcement of databases.
How to Counter This Activity
With the significant aspects of the “action on objectives” stage of the kill chain understood, organizations can implement various counterstrategies to mitigate the risks associated with cyber threats. First, a Chief Information Security Officer (CISO) can consider blocking communication with suspicious and risky Uniform Resource Locators (URLs). This strategy is referred to as URL filtering, which restricts access by comparing Internet traffic against a data center to keep workers from accessing unsafe sites such as phishing websites (Lezzi et al., 2018). In addition, the CISO can define guidelines and privileges that limit file transfers to credible and regulated networks, thereby helping to eliminate attempts to transmit data covertly. Lastly, the CISO should take the initiative in advocating for secure behaviors, which will prevent a successful adversary from jeopardizing the organization’s databases (Li et al., 2019). In particular, the security officer should promote strong and differentiated passwords, authorize employees before sharing sensitive information, and examine their login patterns.
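The first two countermeasures above, URL filtering and restricting file transfers to approved networks, can be expressed as checks over outbound proxy records. The following is an added example, not part of the original paper; the log format, domain names, address ranges, and upload threshold are all assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed policy data (constructed for this example).
BLOCKED_DOMAINS = {"phish.example", "bad-files.example"}
APPROVED_TRANSFER_NETS = [ipaddress.ip_network("10.20.0.0/16")]
UPLOAD_LIMIT_BYTES = 5_000_000  # larger uploads need an approved destination

# Constructed proxy log lines: user, destination IP, method, URL, bytes sent.
SAMPLE_LOG = """\
alice 203.0.113.7 GET http://login.phish.example/reset 512
bob 10.20.4.9 PUT https://files.corp.example/backup.tar 90000000
carol 198.51.100.23 POST https://paste.example/upload 48000000
dave 192.0.2.10 GET https://news.example/today 830
"""

def host_blocked(host):
    """True if host is a blocked domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)

def approved_destination(ip):
    """True if the destination address lies in an approved transfer network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in APPROVED_TRANSFER_NETS)

def evaluate(line):
    """Return (user, verdict) for one log line."""
    user, dst_ip, method, url, sent = line.split()
    host = urlsplit(url).hostname or ""
    if host_blocked(host):
        return user, "block: URL filter"
    if (method in {"PUT", "POST"} and int(sent) > UPLOAD_LIMIT_BYTES
            and not approved_destination(dst_ip)):
        return user, "alert: large upload to unapproved network"
    return user, "allow"

def review(log_text):
    """Evaluate every non-empty line of a log."""
    return [evaluate(l) for l in log_text.splitlines() if l.strip()]

if __name__ == "__main__":
    for user, verdict in review(SAMPLE_LOG):
        print(f"{user:6} {verdict}")
```

Matching on the parsed hostname with a leading-dot suffix check keeps a lookalike such as `notphish.example` from being treated as a subdomain of a blocked domain.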
Conclusion
Cybersecurity is a critical aspect of modern-day business operations, and it should not be overlooked. Lockheed Martin Corporation developed the Cyber Kill Chain specifically to assist organizations in detecting and countering cyber intrusions. This paper focused on analyzing the last step of this model, “action on objectives,” and identified various tools that can be used to mitigate risks. Moreover, the paper suggested multiple ways for a security officer to alleviate the risks associated with cyber intrusions. In essence, organizations should implement the strategies identified above to prevent the repercussions of unauthorized access to their databases.
References
Cho, S., Han, I., Jeong, H., Kim, J., Koo, S., Oh, H., & Park, M. (2018). Cyber kill chain-based threat taxonomy and its application on the cyber common operational picture. 2018 International Conference on Cyber Situational Awareness, Data Analytics, and Assessment (Cyber SA), 1–8.
Kiwia, D., Dehghantanha, A., Choo, K.-K. R., & Slaughter, J. (2018). A cyber kill chain-based taxonomy of banking Trojans for evolutionary computational intelligence. Journal of Computational Science, 27, 394–409.
Lezzi, M., Lazoi, M., & Corallo, A. (2018). Cybersecurity for Industry 4.0 in the current literature: A reference framework. Computers in Industry, 103, 97–110.
Li, L., He, W., Xu, L., Ash, I., Anwar, M., & Yuan, X. (2019). Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior. International Journal of Information Management, 45, 13–24.
Mahdavifar, S., & Ghorbani, A. A. (2019). Application of deep learning to cybersecurity: A survey. Neurocomputing, 347, 149–176.