The Cyber Kill Chain is dead. Long live the Cognitive Attack Loop. This is the thesis of Tom Kellermann's (Chief Security Officer at Carbon Black and former cyber commissioner for President Obama) new paper, 'Cognitions of a Cybercriminal'.
The problem with the Cyber Kill Chain framework created (and trademarked) by Lockheed Martin is that it has a beginning and an end. While this was an accurate reflection of cyber-attacks when it was first devised, it no longer applies, Kellermann says. The burglary approach of cybercriminals to enter, steal and leave has changed to long-lasting home invasion. The modern cybercriminal does not just leave -- he wants to stay, quietly hidden. Breaking the kill chain no longer works; because the criminal is still in the home.
Kellermann's argument is that defenders need to recognize the new reality and to start thinking about a modern persistent cognitive attack loop rather than a linear attack chain. This in turn recognizes the extent and manner to which elite Russian hacking groups have revolutionized hacking methods over the years since the Kill Chain was devised -- partly in response to the Gerasimov Doctrine.
General Valery Gerasimov wrote in 2013, "The very 'rules of war' have changed. The role of non-military means of achieving political and strategic goals has grown, and, in many cases, they have exceeded the power of force of weapons in their effectiveness." The bear doesn't have to be as fast as the human, he only needs to slow down the human to be as slow or slower than the bear -- and this can be done in cyber. This in turn led to a u ..
Support the originator by clicking the read the rest link below.
