Acquire and/or use 3rd party software services

From pre-attack
Jump to: navigation, search


Acquire and/or use 3rd party software services
Technique
ID PRE-T1085
Tactic Adversary OPSEC

Definition

A wide variety of 3rd party software services are available (e.g., Twitter, Dropbox, GoogleDocs). Use of these solutions allow an adversary to stage, launch, and execute an attack from infrastructure that does not physically tie back to them and can be rapidly provisioned, modified, and shut down.12

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: 3rd party services like these listed are freely available.

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Defender will not have visibility over account creation for 3rd party software services.

Similar Techniques for Other Tactics

TacticArticle
Adversary OPSECAcquire and/or use 3rd party software services
Establish & Maintain InfrastructureAcquire and/or use 3rd party software services