Cyber Kill Chain Analysis of Five Major US Data Breaches

Abstract

Data breaches are a major concern for both US and global corporations. With more companies allowing their employees to be working remote, providing them a secure work environment has been a priority for employers. The Interpol 2020 report on cyber breaches mentions that the number of cyber-attacks has multiplied in the last year. The IBM Data Breach Report of 2021 notes that data breach costs rose from USD 3.86 million to USD 4.24 million, while the average cost was USD 1.07 Mil higher in breaches where remote work was a factor in causing the breach. Given this environment of increased cyber breaches, it is important to learn from previous major data breaches to understand the root cause which led to the compromise of information security and the steps which could have effectively prevented the same. This paper evaluates five major data breaches in US history using Lockheed's Cyber Kill Chain Analysis, since the details of these breaches have never been documented for research and also proposes an eight-step cyber-attack prevention plan.