Human Firewall Tip # 25: Cyber Kill Chain Basics

Human Firewall Tip # 25: Cyber Kill Chain Basics

Lockheed Martin's The Cyber Kill Chain defines the steps used by cyber attackers in todays cyber attacks.

We have shared the seven stages below.

You can also download the PDF copy by going to our LinkedIn page:

  • 1st stage: RECONNAISSANCE

The attacker will be looking for information systems with few protections or exploitable weaknesses. This can be done by active (e.g. port scanning) or passive (e.g. search engines) information gathering.

  • 2nd stage: WEAPONISATION

The attacker creates or uses toolkit that can take advantage of the weaknesses based from the outcome of the reconnaissance. The toolkit is not only focusing on the weakness, it also ensures that the attacker has admin privilege to take further actions on the information system.

  • 3rd stage: DELIVERY

The attacker delivers the weaponised bundle usually via spear phishing. The spear phishing email will most likely contain a legitimate-looking attachment that contains code that, when executed, would result in the attacker gaining a foothold on the organisational information system.

  • 4th stage: EXPLOITATION
The weaponised bundle or a malware code is executed on the target information system through remote or local mechanisms, taking advantage of discovered vulnerabilities to gain administrative privilege to the targeted information system.
  • 5th stage: INSTALLATION

Installation of the malware to the targeted information system. The malware will also begin to download additional software if network access is available. This will help the attacker to have better control of the system.

  • 6th stage: COMMAND AND CONTROL (C&C)

The attacker has created a channel to control the information system remotely. This allows the attacker to move deeper into the network, exfiltrate data and conduct destruction or denial of service operations.


Depending on the attacker's motive, they can either steal confidential information, cause disruption to the service that will make it unavailable or even financial gain.

Human Firewall Cyber Security Tip # 25 Cyber Kill Chain Basics


Human Firewall, A Cyber Security Awareness Lifestyle Store Web and Social Media Presence



Disclaimer: Following the Human Firewall tips are at your own discretion. Any actions you may take upon the information on this page is strictly at your own risk.

Leave a comment

Please note, comments must be approved before they are published