Obfuscate infrastructure

From pre-attack


Technique
ID: PRE-T1086
Tactic: Adversary OPSEC

Definition

Obfuscation is hiding the day-to-day building and testing of new tools, chat servers, etc. [1]

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: The adversary has a variety of solutions, ranging in difficulty, that can be employed (e.g., BGP hijacking, tunneling, reflection, multi-hop, etc.). The adversary can also use misattributable credentials to obtain servers, build environments, Amazon Web Services (AWS) accounts, etc.

Detection

Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Detection is difficult, but the defender is well aware of the technique and attempts to find discrepancies.

Similar Techniques for Other Tactics

Tactic | Article
Adversary OPSEC | Obfuscate infrastructure
Establish & Maintain Infrastructure | Obfuscate infrastructure