Countering Malign Influence: Kill Chains and Frameworks

Security teams looking to understand and characterize malign influence operations must pick from a range of different models aiming to do for disinformation what Lockheed Martin’s Cyber Kill Chain and MITRE’s ATT&CK Framework have done for cyber threats. Some tools feature “kill chain” in their names, and one looks especially like ATT&CK: DISARM has a grid that catalogs adversarial tactics, techniques, and procedures (TTPs) for disinformation campaigns. How do all these tools compare?

These competing models’ differences, similarities, pros, and cons are not always intuitive, especially when the names sound similar. We’ve assembled this primer to help cybersecurity and cognitive security professionals build a shared awareness of these tools, including the advantages and disadvantages of specific models when countering tomorrow’s threats. It’s in the form of an FAQ, so you can start up top if you’re brand new to kill chains or jump in where appropriate based on your existing knowledge.

In any armed conflict, anticipating an opponent’s next move is crucial to effective counteraction. This principle led military thinkers to develop the “kill chain” concept for traditional warfare, a step-by-step attack process to identify the target, dispatch forces, launch an attack, and ultimately eliminate the target. This approach can detect and preempt aggressor actions through kinetic means. Also, it provides a common language for describing, strategizing against, and countering military threats. The cybersecurity community has long repurposed this idea.

Lockheed Martin introduced its Cyber Kill Chain framework in 2011 to allow defenders to track adversarial TTPs and to help them detect and thwart attacks at any point during the kill chain. The framework describes the process of a cyberattack in seven ordered steps: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives. An “intruder succeeds if, and only if, they can proceed through steps 1-6 and reach the final stage,” Lockheed writes. This framework is still widely used, but lately, it’s been overshadowed by ATT&CK, which is not strictly linear and includes additional elements to express the nuances of a campaign. 

MITRE ATT&CK is the leading framework for characterizing cyberattacks. It was created in 2013 and first released in 2015. ATT&CK is updated biannually. In some ways, it resembles the Cyber Kill Chain but with greater nuance. Also, although the Cyber Kill Chain uses ordered phases to describe high-level adversary objectives, MITRE says ATT&CK tactics “are unordered and may not all occur in a single intrusion because adversary tactical goals change throughout an operation.” The unordered tactics are Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control (C2), Exfiltration, and Impact. Over the years, MITRE has expanded ATT&CK beyond enterprise networks to include mobile architecture, cloud, and industrial control systems (ICS). 

ATT&CK includes techniques such as phishing for information and establishing social media accounts but does not include nuance that would let an analyst map state-sponsored cyber-influence attacks designed to interfere with elections or social media threats intended to incite insurrections and genocide. So various groups have sought to create frameworks depicting the elements of cyber-enabled influence campaigns. For now, there isn’t one leading framework for these threats with broad adoption on the scale of ATT&CK. But below, we’ll discuss five frameworks to consider: They deal in varying degrees with cognitive threats. 

The Unified Kill Chain framework combines elements from the Cyber Kill Chain and ATT&CK while adding a social engineering tactic. The framework describes cyberattacks in 18 tactical phases: Reconnaissance, Resource Development, Delivery, Social Engineering, Exploitation, Persistence, Defense Evasion, Command & Control, Pivoting, Discovery, Privilege Escalation, Execution, Credential Access, Lateral Movement, Collection, Exfiltration, Impact, and Objectives. (Like ATT&CK, this approach doesn’t require the tactics to be in this order.) The next model listed, the Online Operations Kill Chain, also integrates influence elements into a cyber framework—but more broadly, beyond just social engineering.

A team at Meta created the Online Operations Kill Chain framework to address the lack of standard taxonomies for information operations and cybersecurity operations. Defenders need a common language that bridges these areas because attackers can use both kinds of threats (e.g., in social engineering in the supply chain). The Online Operations Kill Chain is designed to be platform agnostic and applied to cyberattacks, influence operations, online fraud, human trafficking, and terrorist recruitment, with a particular focus on the elements meant to influence humans.

This model has 10 phases: Acquiring Assets, Disguising Assets, Gathering Information, Coordinating and Planning, Testing Platforms and Defenses, Evading Detection, Indiscriminate Engagement, Targeted Engagement, Compromising Assets, and Enabling Longevity. (Like ATT&CK, the model is described as modular because not every operator goes through every phase.)

Compared to the Unified Kill Chain, we believe this model provides a more integrated view of cyber threats and cyber-enabled influence threats. Also, it incorporates more influence elements. However, one of its weaknesses is dealing with campaigns where the leading actors don’t hide their identities but rather aim to be influencers—for example, the main 12 Covid-19 disinformation spreaders (“The Disinformation Dozen”). This weakness could be remedied in future updates. 

Some frameworks take a more qualitative approach to describing cyber-enabled influence threats: One example is Clint Watts’ Social Media Kill Chain. This model focuses on operators that Clint calls “advanced persistent manipulators” (APMs). Like other advanced persistent threats (APTs), APMs are well-funded, highly skilled threat actors aiming to exploit vulnerabilities in public discourse and deceptively manipulate human cognition on online social media platforms. To achieve such objectives, APMs exploit vulnerabilities in public discourse and manipulate human cognition via deception.

This model includes seven phases: Staging (i.e., creating realistic personas), Reconnaissance, Targeting (in this case, finding the “useful idiots”), Mimicry, Content Placement, Amplification, and Mobilization (i.e., getting people to engage in specific “offline” actions and behaviors). (Watts notes that APMs are less likely than hackers to work through a kill chain in sequence: “APMs instead function as more of an assembly line, delivering layered, integrated activities to alter audience perceptions via one of two distinct models.”)

The limitations of this kill chain are that it was explicitly made to describe and disrupt social media actions for APMs (not necessarily smaller actors), and it’s less quantifiable than other kill chains listed in this primer. But it’s one of the few kill chains for cyber-enabled influence threats that focuses on the adversarial end goal of getting people who are engaging with the campaign online to start engaging in “offline” activities: This is important because the online-offline convergence leading to mobilization is the real threat of cyber influence operations.

The Information Operations Kill Chain is another more qualitative kill chain: It's based on “the seven commandments” that the Soviet Union traditionally used in disinformation campaigns. There are eight phases: Find the Cracks (i.e., the open debates with heated disagreements), Seed Distortion, Wrap the Narratives in Kernels of Truth, Build Audiences (this one is added from the original seven commandments), Conceal your hands, Cultivate Useful Idiots, Deny Everything, and Play the Long Game. (As with some other models, this model doesn’t require phases to always appear in one order.)

This framework has the same weaknesses as the Social Media Kill Chain. That said, the Information Operations Kill Chain stands out for acknowledging that disrupting one campaign in a long-term operation is only one step, and the entire operation would need to be disrupted in multiple parts of the kill chain to stop the overall threat, and this could take multiple human generations to accomplish.

The DISARM Framework—which we previously highlighted here—is the most widely adopted framework for countering disinformation. It has supported operations for the European Union, the U.N., and NATO. What's more, the EU and the United States recently adopted DISARM as part of a “common standard on exchanging structured threat information” on foreign information manipulation and interference (FIMI).

The DISARM framework was launched in 2019 based on ATT&CK and its use of the “Structured Threat Information eXpression” (STIX) grid style presentation to different phases and tactics. DISARM is broken down into two categories for Offense (Red) and Defense (Blue). Red was created first as a kill chain for disinformation capabilities. Next, Blue was created for countermeasures to such attacks. (Like ATT&CK, DISARM’s grid is designed to show tactic stages left to right sequentially, so “the further left that a tactic is … the earlier that it’s likely to be met by an incident creator.”)

Below is a simple list of DISARM Red’s top-level categories. 

Compared to other frameworks that address cyber-enabled influence operations, DISARM includes much greater detail on tactics. For instance, the Microtargeting entry includes different tactics, different counters to tactics, and different detection mechanisms. This is not to say that every entry gives the same level of detail—many are blank when clicking through, like this example for “Email” under TA07 Select Channels and Affordances—but like ATT&CK, DISARM is intended to be updated as new techniques are discovered.

We hope this overview helps cybersecurity and cognitive security professionals build a shared understanding of these models and emerging threats. As the Online Operations Kill Chain authors have astutely pointed out, modern campaigns seamlessly weave between both categories. Not bringing the groups together leaves defenders who subscribe to only one of the categories at a significant disadvantage.

What’s more, although DISARM stands apart from the other frameworks evaluated, the weaknesses in different models are not necessarily disqualifiers: All the models discussed in this primer have the potential to be updated to be more inclusive.