Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

TA0040

Impact

Purpose

The adversary is trying to manipulate, interrupt, or destroy your systems and data.

Impact consists of techniques that adversaries use to disrupt availability or compromise integrity by manipulating business and operational processes. Techniques used for impact can include destroying or tampering with data. In some cases, business processes can look fine, but may have been altered to benefit the adversaries’ goals. These techniques might be used by adversaries to follow through on their end goal or to provide cover for a confidentiality breach.

Included content

MITRE ALERT PACKS

  1. T1485: Data Destruction

  2. T1486: Data Encrypted for Impact

  3. T1489: Service Stop

  4. T1490: Inhibit System Recovery

  5. T1531: Account Access Removal

  6. T1565: Data Manipulation

Prerequisites

LOOKUPS

TA0043

Reconnaissance

Purpose

The adversary is trying to gather information they can use to plan future operations. Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that can be used to support targeting. Such information may include details of the victim organization, infrastructure, or staff/personnel. This information can be leveraged by the adversary to aid in other phases of the adversary lifecycle, such as using gathered information to plan and execute Initial Access, to scope and prioritize post-compromise objectives, or to drive and lead further Reconnaissance efforts.

Included content

MITRE ALERT PACKS

  1. T1589: Gather Victim Identity Information

  2. T1590: Gather Victim Network Information

  3. T1592: Gather Victim Host Information

  4. T1595: Active Scanning

Prerequisites

LOOKUPS

  • No labels