Determine 3rd party infrastructure services

A wide variety of cloud, virtual private services, hosting, compute, and storage solutions are available as 3rd party infrastructure services. These services could provide an adversary with another avenue of approach or compromise. [1] [2] [3]

ID: T1284
Sub-techniques:  No sub-techniques
Tactic: Organizational Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018

Similar Techniques by Tactic

Tactic Technique
Technical Information Gathering Determine 3rd party infrastructure services

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Adversary searches publicly available sources and may find this information on the 3rd party web site listing new customers/clients.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Press releases may reveal this information particularly when it is an expected cost savings or improvement for scalability/reliability.

References

  1. Forward-Looking Threat Research Team. (2012). LUCKYCAT REDUX: Inside an APT Campaign with Multiple Targets in India and Japan. Retrieved March 1, 2017.
  2. Bruce Schneier. (2017, April 5). APT10 and Cloud Hopper. Retrieved May 9, 2017.
  1. Michael Kan. (2017, April 4). Chinese hackers go after third-party IT suppliers to steal data. Retrieved May 9, 2017.