Authors: Faisal Ali Garba
Affiliation: Department of Computer Science Education, Sa'adatu Rimi College of Education, Kano, Nigeria Phoenyx Academy


Keywords: cyber attacks, cyber kill chain, hacking, vulnerability, exploit
ABSTRACT. Cyber-attacks is on continuous rise. Many organization's information systems have been compromised and their data stolen. Yet the number of Internet users is on the raise daily. The users are exposed to various cyber attacks of various types ranging from phishing, ransomware, cyber bullying, blackmailing and many more. This paper investigates in detail in to the various steps cyber attackers follow to attack and compromise a system. A theoretical review of the steps is presented and a practical demonstration of the steps presented. This paper will be very beneficial in understanding how cyber attack is conducted. This will help in planning defensive controls to curtail the attacks


[1]. Active Reconnaissance. (2012, April). Retrieved from
[2]. Al-Mohannadi, H., Mirza, Q., Namanya, A., Awan, I., Cullen, A., & Disso, J. (2016). Cyber Attack Modeling Analysis Techniques: An Overview. 2016 4th International Conference on Future Internet of Things and Cloud Workshops (pp. 69-76). Vienna: IEEE.
[3]. Chris Velazquez. (2015). Detecting and Preventing Attacks Earlier in the Kill Chain. The SANS Institute
[4]. Clark, J. (2017, July 9). 11 Tips to Prevent Phishing. Retrieved from CSO:
[5]. Hutchins, E. M., Cloppert, M. J., & Amin, R. M. (2010). Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Lockheed Martin Corporation.
[6]. Metasploit. (n.d.). Retrieved from Webopedia:
[7]. Mike Czumak . (2014, February 5). Passive Reconnaissance. Retrieved from Security Sift:
[8]. Panda. (n.d.). Understanding Cyber-Attacks: Part I. The Cyber-Kill Chain. Panda.
[9]. Payload. (n.d.). Retrieved from Encyclopedia by Kaspersky Lab:
[10]. Veil. (n.d.). Retrieved from Github:
[11]. Yadav, T., & Rao, A. M. (2015). Technical Aspects of Cyber Kill Chain. Security in Computing and Communications , 438-452.