In this video, you will learn to describe what a Cyber Kill Chain is and how each link in the chain contributes to the success of an attack. Well, the Kill Chain that I said before are a set of activity that needs to be done to compromise the victim. Usually, the Kill Chain is referred to malware, but each single attack could guide a specific Kill Chain. So if you're [inaudible] require some specific activity that needs to be done. For what regarding the malware itself, those are the most common activity that should be done. So Reconnaissance that means that you can understand what type of vulnerability that can be exploited. Weaponization means for identifying what is the exploit. Take WannaCry for example, the WannaCry exploit wasn't no blue. For delivery, I need to make sure that the malicious by now that I've created and after creation to ask for ransom where it could be exploited due to the vulnerability. But at the end of the story, there is something that leads to a rush to the target, and that is to delivery part. Exploitation is the ability to start the exploit of the specific vulnerability. So once the malicious plan of this is arrived and it will exploit that specific vulnerability. Then of course, I need to install some other component that are not necessarily malware that will fix a trainload to start on my activity. So I need to create some data that you would ask ransom of later, I need to hold on the target also a tool that makes encrypting of the data. This is not a malware. By the way, this is something that is very important for malware in general. You will be surprised, but developing malware is not illegal. It is very difficult to define what is illegal but we have a program that does something. The fact that the program does not necessarily can be associated to a malware. Sometimes we create something that can be used by a good guy, but can also use adoption. Yeah, encrypting a data, generally is not something bad, but if you encrypt a data and ask for a ransom for the close of that, that is also not a particular challenge that we have in the defense. This is also something that is very much interesting in the sense that very often, my real objective is not to compromise the victim. But to use the victim of the computer to start a transparency. So this is exalted. So he can capture your computer region, your computer to four and at that to the Martina computer. Okay. In this case, a real incident, if you want to, one is that I am using your computer to perform an attack on third party. The second, that I use your computer to store some data from the Martin. Or I find out the actions and objectives. So once you have a command and the control, you can to form such, encrypting data or installing the applications called ransom. Another thing that I think is very much interesting in this defense is the fact that we think that the model as something that has been created by one person to compromise another person. In sheer volume of these activities usually each performed, should be performed by different organization. Very often we talk about it such as cybercrime as itself. So you know several organizations that specialist in delivery for example, from SPAM work to advertisement and all of the people that has already arrived at the commerce sense of space. So my understanding would work out whatever vulnerabilities. It's nice to know that actually more often, companies that you know want to understand if their systems are vulnerable or not, launch some specific contents that are called bad bank, like that [inaudible]. So basically [inaudible] is a sort of challenge that the company does to understand the vulnerability in their services. Actually the six top is done by the attacker as well, and so also attacked very often launch contest that were to find some vulnerability the attacker can use in this bold fight.