(also vulnerability chain)
Exploit chain definition
An exploit chain is a cyber attack in which an attacker uses multiple vulnerabilities to compromise the victim step by step. The attacker usually starts the chain by exploiting a simple or low-impact vulnerability and progresses to more critical ones. This way, the attacker can overcome individual security controls that would otherwise prevent a successful attack.
Organizations need to quickly address known vulnerabilities to minimize the risk of exploit chains. Robust security measures, such as intrusion detection systems, network segmentation, and strong access controls, can mitigate the impact of possible cyber attacks.
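For defenders, the practical consequence is that findings should be triaged by the paths they form, not only by individual severity. The following is an added example, not part of the original page: it models findings as steps between attacker positions and reports which single fixes break every chain to a sensitive asset. All finding ids, severities and position names are constructed for illustration.

```python
from collections import deque

# Constructed sample findings (placeholders, not real CVEs). Each one lets an
# attacker who already holds position `needs` reach position `gives`.
FINDINGS = [
    {"id": "F-1", "severity": "low",    "needs": "internet",  "gives": "web-user"},
    {"id": "F-2", "severity": "medium", "needs": "web-user",  "gives": "app-shell"},
    {"id": "F-5", "severity": "low",    "needs": "web-user",  "gives": "app-shell"},
    {"id": "F-3", "severity": "low",    "needs": "app-shell", "gives": "db-credentials"},
    {"id": "F-4", "severity": "high",   "needs": "vpn-user",  "gives": "db-credentials"},
]

def find_chain(findings, start, target, patched=frozenset()):
    """Breadth-first search over attacker positions.

    Returns the shortest list of finding ids leading from `start` to
    `target`, or None when no chain exists once `patched` ids are removed.
    """
    queue = deque([(start, [])])
    seen = {start}
    while queue:
        position, path = queue.popleft()
        if position == target:
            return path
        for f in findings:
            if f["id"] in patched or f["needs"] != position or f["gives"] in seen:
                continue
            seen.add(f["gives"])
            queue.append((f["gives"], path + [f["id"]]))
    return None

def chain_breakers(findings, start, target):
    """Ids of findings whose remediation alone removes every chain."""
    if find_chain(findings, start, target) is None:
        return []
    return [f["id"] for f in findings
            if find_chain(findings, start, target, patched={f["id"]}) is None]

if __name__ == "__main__":
    print("chain:", find_chain(FINDINGS, "internet", "db-credentials"))
    # Fixing only the single "high" finding leaves the chain intact.
    print("after fixing F-4:",
          find_chain(FINDINGS, "internet", "db-credentials", patched={"F-4"}))
    print("single fixes that break it:",
          chain_breakers(FINDINGS, "internet", "db-credentials"))
```

In this constructed data the only "high" finding is not on any path from the internet, while two "low" findings are each sufficient to break the chain when fixed.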
Where exploit chains usually occur
These attacks typically involve well-resourced adversaries — sophisticated threat actors — who have the skills and resources to identify and exploit multiple vulnerabilities in a coordinated manner.
Sophisticated threat actors commonly use exploit chains against high-value targets, such as government entities, large corporations, critical infrastructure, or organizations with valuable intellectual property.
Exploit chains may also use a combination of known vulnerabilities and zero-day vulnerabilities (vulnerabilities that were previously unknown to the software vendor or the public). Highly skilled attackers can invest significant effort in discovering and chaining together these vulnerabilities to maximize their chances of success.