+
+
+
+
+
Step 5: Command, control, actions and objectives
Step 4: Exploitation and installation
Step 3: Delivery
Step 2: Weaponisation
Step 1: Reconnaissance
Understanding how an attacker works means a greater chance of protecting yourself and coming out victorious. The same applies to how we as Lely are able to arm ourselves against virtual attackers, or hackers.
As an organisation, it is easier and more effective to prepare against an attack by a known adversary than against an unknown attacker. We therefore take you into the world of a hacker preparing a phishing attack.
To achieve a successful attack, the hacker follows the following five steps.
HOTSPOTS
5
4
3
2
1
Step 5: Command, control, actions and objectives
Control over the computer: on to the end goal!
The hacker has now gained full control of the infected computer(s) without the recipient noticing. The hacker is able to move further into the Lely network and servers. On to achieving his end goal, such as stealing confidential data or intellectual property, or shutting down or encrypting systems in exchange for a hefty ransom.
Step 4: Exploitation
and installation
Entice the recipient(s) to download the infected file.
The attacker benefits if the message with the malicious attachment is opened. He therefore packages the message as attractively as possible, for example by promising something that is too good to be true, such as a brand-new phone waiting for the recipient; all you have to do is click on the link! A quick gain, right?
The greater the temptation to click, the greater the chance that the virus will be installed on the recipient’s computer. The installation is usually invisible; the recipient does not realise the computer is infected.
Step 3: Delivery
Send out a message to Lely e-mail address(es) with, for example, a malware-infected attachment.
After carefully preparing and planning the attack, the hacker sends an e-mail to the obtained Lely e-mail addresses. The previously created (or purchased) malicious file is attached to it.
Step 2: Weaponisation
Prepare the attack (tools).
The hacker makes or buys his attack weapon. This could be a malicious file containing a virus (so-called 'malware'), for example. Malware can also be acquired relatively easily via the dark web.
Step 1: Reconnaissance
Scavenge for Lely e-mail addresses.
The hacker searches for e-mail addresses on social media, websites and in databases. He may acquire addresses through illegal trade – such as the dark web. All addresses are collected in a central file.
Understanding how an attacker works means a greater chance of protecting yourself and coming out victorious. The same applies to how we as Lely are able to arm ourselves against virtual attackers, or hackers.
As an organisation, it is easier and more effective to prepare against an attack by a known adversary than against an unknown attacker. We therefore take you into the world of a hacker preparing a phishing attack.
To achieve a successful attack, the hacker follows the following five steps.
HOTSPOTS