Socio-Technical Kill Plane

Interactive mapping of human psychology and cyber attack vectors

8. Operationalcleanup7. Actionmanipulation6. Sustainedengagement5. Emotionaltriggering4. Trustestablishment3. Personalisedattack design2. Vulnerabilityassessment1. Targetprofiling0. 0-clickZoneReconWeaponDeliveryExploitInstallC&CActions12345678
Social Media Ransomware Steps
  1. 1.Identify high-value social media influencers with high number of followers
  2. 2.Assess account security
  3. 3.Craft spear-phishing message (e.g., fake brand deal or Instagram support)
  4. 4.Malicious link via DM/email
  5. 5.Vulnerability to gain account access (e.g. session hijack)
  6. 6.Install persistence (change recovery email/phone, enable 2FA for attacker, change password)
  7. 7.Begin deleting followers or account content as proof
  8. 8.Threaten to delete all followers/account unless paid
CI's Human Layer Kill Chain
Lockheed Martin's Cyber Kill Chain
Kill Chain Steps
Attack Points
Attack Path