The delivery phase of the Cyber Kill Chain is crucial for cybercriminals to transmit malicious payloads to targets through various phishing methods. This phase encompasses a range of techniques that exploit human trust and vulnerabilities. The article examines the implications of these phishing attacks and maps them to the MITRE ATT&CK framework, highlighting the need for proactive defense strategies.
Affected: phishing, cybersecurity sector, individuals, software integrity
Keypoints:
- The delivery phase of the Cyber Kill Chain is vital for executing phishing attacks.
- Phishing techniques include email attachments, malicious links, USB drives, smishing, and quishing.
- Cybercriminals exploit human vulnerabilities and trust, making phishing highly effective.
- Several techniques from the MITRE ATT&CK framework apply to the delivery phase.
- The “SubdoMailing” campaign illustrates how phishing can leverage reputable brands.
- Phishing-as-a-Service allows non-technical criminals to launch sophisticated phishing attacks.
- International law enforcement efforts are underway to combat cybercrime through operations like Operation Elaborate and Operation Cookie Monster.
- Ongoing education and vigilance are essential in mitigating risks associated with these cyber threats.
MITRE Techniques:
- Phishing (T1598): This encompasses spear-phishing attachments (T1598.002) and spear-phishing links (T1598.003).
- Drive-by Compromise (T1189): Exploiting browser vulnerabilities to deliver malware during a visit to a compromised website.
- Removable Media (T1091): Using USB drives or other removable media to deliver malicious software.