Newsletter Series: The Cybersecurity Kill Chain
Month 3: Phase 3 – Delivery: Getting the Weapon to the Target

Now that the weapon has been created, the attacker needs to get it into your environment. This phase is called Delivery, and it's where the malicious file, link, or message is delivered to the victim through a variety of channels.

Common Delivery Methods:
 - Email attachments: The most common delivery method. PDFs, Word docs, or spreadsheets

embedded with malicious code.

- Phishing links: Directing users to spoofed websites that harvest credentials or install malware.

- Malicious USB drives: Dropped in public places, hoping an employee plugs one into a work computer.

- Drive-by downloads: Websites that exploit browser vulnerabilities to silently install malware.

Why this Phase Matters:
Delivery is often the only phase a user will visibly interact with. That means it’s also a critical point to stop an attack before it begins.

Defense Strategies:
1. Email Gateway Protection - Scan all attachments and links before they reach inboxes.

  1. Web Filtering - Block access to known malicious websites.
  2. USB Device Control - Restrict USB port usage or allow only whitelisted devices.
  3. Security Awareness Training - Teach staff to identify suspicious emails and never open unknown attachments or links.

    Tip of the Month:
    Hover over links in emails before clicking. A mismatch between the visible link and the actual URL is a red flag.

    Next month: Exploitation – what happens when someone clicks or opens the wrong thing.

NetCenter Technologies
Empowering Businesses Through Cybersecurity