"Meta Proposes Revamped Approach to Online Kill Chain Frameworks"
Meta researchers Ben Nimmo and Eric Hutchins have proposed a new framework approach for addressing online threats, which uses a shared model for identifying, describing, comparing, and disrupting the different phases of an attack chain. Their new "Online Operations Kill Chain" is based on the notion that all online attacks share similar phases. To conduct any online campaign, an attacker would want at least an IP address, an email address, or a cell phone number for authentication, and the ability to hide their assets. Later in the attack chain, the threat actor would require the ability to gather intelligence, test target defenses, execute the actual attack, evade detection, and remain persistent. Using a shared taxonomy and vocabulary to identify and explain each of these phases can help defenders better understand an emerging attack, allowing them to seek out opportunities to stop it more quickly. Nimmo and Hutchins stated in a new white paper on their kill chain that it will also enable them to analyze many operations over a significantly larger variety of threats than was previously conceivable in order to identify common trends and operational flaws. They emphasized that it will allow investigative teams in the industry, civic society, and government to share and compare their knowledge of operations and threat actors using a common taxonomy. The Online Operations Kill Chain from Meta divides an online threat operation into ten phases. This article continues to discuss the approach to online kill chain frameworks proposed by Meta researchers.
Dark Reading reports "Meta Proposes Revamped Approach to Online Kill Chain Frameworks"