Identify personnel with an authority/privilege

From pre-attack
Jump to: navigation, search

Identify personnel with an authority/privilege
ID PRE-T1048
Tactic People Information Gathering


Personnel internally to a company may have non-electronic specialized access, authorities, or privilege that make them an attractive target for an adversary. One example of this is an individual with financial authority to authorize large transactions. An adversary who compromises this individual might be able to subvert large dollar transfers.1

Difficulty for the Adversary

Easy for the Adversary (Yes/No): No

Explanation: Requires an adversary to undergo an intensive research process. It is resource intensive or requires special data access. May be easier for certain specialty use cases.


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: The layers of data required and potential gaps of information to map a specific person to an authority or privilege on a network requires access to resources that may not tip off a defender.