Stop the kill chain

Or, stop the “kill chain” nonsense.

Whether it’s the Lockheed original, or the great (in numbers…) many variants since, they are all quite flawed. Let’s say, 99% flawed.
Since a. it’s not a chain – it’s a mesh, haphazrd(sic)ly followed through the organisation, and b. it has nothing to do with ‘kill’ – only the most idiotic n00b would pursue that.

Qua b.,
first there is this, later expanded here;
and second there is all the evidence from practice. What stupid would ‘kill’ if future rewards could be had at zero cost once a breach-and-backdoor has been made available and (as almost always is the case – APTs, anyone? – yes they still are out there, undetected yet!) available for future use i.e. value extraction not ‘kill’ ..?

Oh yes third there is nation-state-cum-coaxed-Bad-groups ‘cyber”warfare’ (#ditchcyber) but that’s outside of the scope of just about anyone, since even there, one’s weapons are probably deployed already in ‘the field’ (re APT, again) or not at all to prevent detection. In which latter case there is no such thing as a chain employed, it’s just future-impact. As if one talks about the ‘kill chain’ of a Daisy Cutter being its doings after it touches the ground.
And no, if you think you’d have to worry about nation-states trying to brick your infra, a. they will no matter how strong your defenses, b. they do already (re APT, again), c. what did you have the idea to do about it? Even the pro’s may not save you… [uhm, this goes in a lot of places/nations ..!]

Oh well, blue pills everywhere.
[Edited to add: this.]
And this:

[Once useful for beautiful Ávila]

Leave a Reply