In my decade working in the cybersecurity industry, I’ve developed quite a few fond memories learning from talented security professionals. In 2015, I found myself working with Andy Pendergast at ThreatConnect. (As a little background, Andy is one of the fine folks who developed the Diamond Model for Intrusion Analysis. He is considered to be a veritable cybersecurity encyclopedia among his peers.) At the time, I was new to cyber threat intelligence (CTI). Andy took me under his wing to teach me CTI. One of the first things he taught me was the value of applying a cyber defense framework, such as Lockheed Martin’s Cyber Kill Chain, to the threat detection and mitigation process.
Client-Side Kill Chain based on the Lockheed Martin Cyber Kill Chain
The 7 Stages of the Client-Side Kill Chain
As part of the weaponization phase, the threat actors purchase Magecart-like malware on the dark web. The malware kit costs $1,000 and has a proven track record of working with similar third-party scripts. After acquiring the malware, they find the correct open-source script on GitHub to corrupt.
6. Command and control
7. Action on objectives
Work with an Expert in Client-Side Security
In 2019, I went through the Certified Ethical Hacker training program while working at Accenture Security. While I am not qualified to be a pentester or cybersecurity analyst, I did learn one very important thing. It is important to understand how cybercriminals, hackers, or other threat actors think and operate. Not every client-side attack follows the Cyber Kill Chain model as closely as outlined above. Having a rough understanding of how threat actors execute client-side attacks can be very helpful.
To learn more about client-side security and to better protect your customers from threats like the one described above, take some time to explore the Feroot security tools Inspector and Pageguard. If you would like to see our products in action, request a demo.