Identify groups/roles

Personnel internally to a company may belong to a group or maintain a role with electronic specialized access, authorities, or privilege that make them an attractive target for an adversary. One example of this is a system administrator. [1]

ID: T1270

Tactic: People Information Gathering

Version: 1.0

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Searching publicly available sources that cannot be monitored by a defender.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): No

Explanation: Requires an adversary to undergo an intensive research process. It is resource intensive or requires special data access. May be easier for certain specialty use cases.

References

  1. Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.