Compromise 3rd party infrastructure to support delivery
|Compromise 3rd party infrastructure to support delivery|
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Commonly used technique currently (e.g., WordPress sites) as precursor activity to launching attack against intended target (e.g., acquiring botnet or layers of proxies for reducing attribution possibilities).
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Defender will not have visibility on 3rd party sites unless target is successfully enticed to visit one.
Similar Techniques for Other Tactics
|Adversary OPSEC||Compromise 3rd party infrastructure to support delivery|
|Establish & Maintain Infrastructure||Compromise 3rd party infrastructure to support delivery|