JUST RELEASED: ATT&CK for Industrial Control Systems
TECHNIQUES
PRE-ATT&CK
Priority Definition Planning
Priority Definition Direction
Target Selection
Technical Information Gathering
People Information Gathering
Organizational Information Gathering
Technical Weakness Identification
People Weakness Identification
Organizational Weakness Identification
Adversary OPSEC
Establish & Maintain Infrastructure
Persona Development
Build Capabilities
Test Capabilities
Stage Capabilities
Enterprise
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Collection
Command and Control
Exfiltration
Impact
Mobile
Initial Access
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Impact
Collection
Exfiltration
Command and Control
Network Effects
Remote Service Effects
  1. Home
  2. Techniques
  3. PRE-ATT&CK
  4. Mine technical blogs/forums

Mine technical blogs/forums

Technical blogs and forums provide a way for technical staff to ask for assistance or troubleshoot problems. In doing so they may reveal information such as operating system (OS), network devices, or applications in use. [1]

ID: T1257
Tactic: Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Cannot detect access to public sites.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Success is dependent upon the existence of detailed technical specifications for target network posted in blogs/forums. Poor OPSEC practices result in an adversary gleaning a lot of sensitive information about configurations and/or issues encountered.

References

  1. Jeff Bardin. (2012, October 10). OSINT and Cyber Intelligence - Fun and Sun in Miami. Retrieved March 1, 2017.