ݺߣ

ݺߣShare a Scribd company logo

The Art of War - Hacking Lifecycle

?
?
R
Robert Williams

The document discusses strategic military tactics and principles of war including waging war, disposition of the army, weaknesses and strengths, and intelligence and espionage. It also references the nine battlegrounds and attacking with fire. Additionally, it examines the stages of cyber attacks including initial compromise, lateral movement within the target, and maintaining a presence after stealing data.

1 of 15
Download to read offline
The Art of War - Hacking Lifecycle
2
3 ʼӋ Waging war () Strategic attack (\) Disposition of the army (܊) Forces () Weaknesses and strengths (̓) Military manoeuvres (܊) Variations and adaptability (׃) Movement and development of troops (܊) Terrain () The nine battlegrounds (ŵ) Attacking with fire () Intelligence and espionage (g)
4
BREACHIMPACT Infection Stages Post Exploitation Stages Strengthen Position within Target Establish Foothold Package and Steal Target Data Complete Mission Initial Compromise Lateral Movement Maintain Presence Initial Recon Steal Valid User Credentials Escalate Privileges Identify Target Data Internal Recon Identify Exploitable Vulnerabilities Gain Initial Access Into Target PREVENTION DWELL TIME / IMPACT RESPONSE DETECTION Malware Problem Human Attacker Problem Endpoint EPP Endpoint Detection and Response (EDR) Tactical Intelligence Operational Threat Intelligence MSSP Managed Detection and Response (MDR) North / South Traffic East / West Traffic 9% of Evidence 18% 7% 52% 14%91% of Evidence
6
7 ? ? ? ?
8
9
10
11
12
13
https://www.fireeye.com/cyber-map/threat-map.html 1414
15

More Related Content

The Art of War - Hacking Lifecycle

  • 2. 2
  • 3. 3 ʼӋ Waging war () Strategic attack (\) Disposition of the army (܊) Forces () Weaknesses and strengths (̓) Military manoeuvres (܊) Variations and adaptability (׃) Movement and development of troops (܊) Terrain () The nine battlegrounds (ŵ) Attacking with fire () Intelligence and espionage (g)
  • 4. 4
  • 5. BREACHIMPACT Infection Stages Post Exploitation Stages Strengthen Position within Target Establish Foothold Package and Steal Target Data Complete Mission Initial Compromise Lateral Movement Maintain Presence Initial Recon Steal Valid User Credentials Escalate Privileges Identify Target Data Internal Recon Identify Exploitable Vulnerabilities Gain Initial Access Into Target PREVENTION DWELL TIME / IMPACT RESPONSE DETECTION Malware Problem Human Attacker Problem Endpoint EPP Endpoint Detection and Response (EDR) Tactical Intelligence Operational Threat Intelligence MSSP Managed Detection and Response (MDR) North / South Traffic East / West Traffic 9% of Evidence 18% 7% 52% 14%91% of Evidence
  • 6. 6
  • 8. 8
  • 9. 9
  • 10. 10
  • 11. 11
  • 12. 12
  • 13. 13
  • 15. 15