Attack Lifecycle story – part 1

I was recently explaining to a group of colleagues how a hacker gains access to a system. Then it hit me; most people are engrained with the hacking scenes in movies and they honestly think that is what happens in real life.

So I’ve decided to write the most layman-like content of how an attack is usually executed, probably over a few blog posts.

In this context, we will use Blancorp as the target company, i.e. the one being targeted by the hacker(s). Blancorp will be an institution with 70+ employees, internal computer systems, several websites, servers, databases and almost the infrastructure for a normal functioning of a company.

Spear Phishing

Most successful hacks are targeted attacks. What this means is that attackers single out specific individuals inside the organization and then focus to compromise them.

Spear phishing is what this means. It means a targeted phishing attack against an employee of an organization.

Plot

Blancos is an admin in the ICT department at Blancorp. This is a well known fact. He is active on social media, he gives occasional media interviews, speeches and marketing campaigns for his company.

Attackers know that Blancos will be a hard target to compromise, but they also know that if they can compromise his account, they gain full privileged access to the entire Blancorp network.

So they target someone lower on the infosec list. The attackers sent an unsolicited email to the front-desk asking for a clarification on what seems like a cheque gone wrong. The help-desk staff opens the cheque to confirm it’s content.

Bad mistake!

Hidden to them, the document ran a script, that downloaded some more code in the background, and planted itself on the machine. The code registered itself in the registry, and now it will run every time the computer is turned on.

The good news however, is that the admin has configured the system with the least access privilege in mind. This meant that this user, having less privileges on the network, cannot execute advanced commands and hence the code cannot propagate on the network using her credentials.

Escalation

The attackers noticed this. So they come up with another way. Remember they have access to the help desk machine, but that’s about it. They need some more privileged access.

They ran background processes in the help desk computer to a point that the computer ran so slowly to properly perform any tasks. So the lady does what everyone does, she calls IT.

The admin comes over to check the computer. He needs root (admin) access on the computer to properly diagnose the issue.

As the admin logged in to their account on the client’s computer, a little known fact would haunt this action. You see, the attackers had installed a keylogger on the help desk computer. This meant that every single keystroke was recorded. And this included the admin’s credentials. The hackers had hit the jackpot. They now had the admin username and password, and with these credentials, they could log in to any system on the network, servers, and all, and change the settings.

Remember, all this started with an email address.

Hot this week

The Hidden Costs of Overengineering Security

Complex security systems often create more vulnerabilities than they prevent by overwhelming teams with noise and maintenance demands while missing actual threats.

The True Cost of Chasing Compliance Over Security

Compliance frameworks create a false sense of security while modern threats evolve beyond regulatory requirements. Learn how to build actual protection rather than just checking boxes.

The Hidden Risk of Over Reliance on AI Security Tools

Over reliance on AI security tools creates dangerous blind spots by weakening human analytical skills. True resilience comes from balancing technology with continuous team training and critical thinking.

The Quiet Dangers of Overlooking Basic Security Hygiene

Basic security hygiene prevents more breaches than advanced tools, yet most teams overlook fundamentals while chasing sophisticated threats.

Your Password Strategy Is Wrong and Making You Less Secure

The decades-old advice on password complexity is forcing users into insecure behaviors. Modern security requires a shift to passphrases, eliminating mandatory rotation, and embracing passwordless authentication.

Topics

The Hidden Costs of Overengineering Security

Complex security systems often create more vulnerabilities than they prevent by overwhelming teams with noise and maintenance demands while missing actual threats.

The True Cost of Chasing Compliance Over Security

Compliance frameworks create a false sense of security while modern threats evolve beyond regulatory requirements. Learn how to build actual protection rather than just checking boxes.

The Hidden Risk of Over Reliance on AI Security Tools

Over reliance on AI security tools creates dangerous blind spots by weakening human analytical skills. True resilience comes from balancing technology with continuous team training and critical thinking.

The Quiet Dangers of Overlooking Basic Security Hygiene

Basic security hygiene prevents more breaches than advanced tools, yet most teams overlook fundamentals while chasing sophisticated threats.

Your Password Strategy Is Wrong and Making You Less Secure

The decades-old advice on password complexity is forcing users into insecure behaviors. Modern security requires a shift to passphrases, eliminating mandatory rotation, and embracing passwordless authentication.

Why API Security Is Your Biggest Unseen Threat Right Now

APIs handle most web traffic but receive minimal security attention, creating massive unseen risks that traditional web security tools completely miss.

Security Teams Are Asking the Wrong Questions About AI

Banning AI tools is a failing strategy that creates shadow IT. Security teams must pivot to enabling safe usage through approved tools, clear guidelines, and employee training.

The Illusion of Secure by Default in Modern Cloud Services

Moving to the cloud does not automatically make you secure. Default configurations often create significant risks that organizations must actively address through proper tools and processes.
spot_img

Related Articles

Popular Categories