Cyberattacks can differ in many ways such as type of attack, size and results.
However, there is a basic structure that cyber criminals follow when carrying out cybercrimes. The steps used are listed below.
Survey, or alternatively called Reconnaissance is the starting point for most attacks. It consists of a series of actions to investigate and analyse available information about the target in order to identify potential vulnerabilities.
Delivery - getting to the point in a system where you have an initial foothold, usually in the form of some malware or a backdoor into a system. In other words, you have gotten past the defenses and are within the corporate environment. Think of it like a burglar.
Breach - exploiting the vulnerability/vulnerabilities to gain some form of unauthorised access.
Affect - carrying out activities within a system that achieve the attacker’s goal.
The goal, or reward may be monetary or destructive, depending on the motivation of the attack.