TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Assess vulnerability of 3rd party vendors
Assess vulnerability of 3rd party vendors
Once a 3rd party vendor has been identified as being of interest it can be probed for vulnerabilities just like the main target would be. [1] [2]
ID: T1298
Tactic:
Organizational Weakness Identification
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: 3rd parties would most likely not report network scans to their partners. Target network would not know that their 3rd party partners were being used as a vector.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: The difficult part is enumerating all 3rd parties. Finding major partners would not be difficult. Significantly easier with insider knowledge. Vulnerability scanning the 3rd party networks is trivial.
References
- Kim Zetter. (2015, January 4). The Biggest Security Threats We’ll Face in 2015. Retrieved March 5, 2017.
- Paul Ziobro. (2014, February 6). Target Breach Began With Contractor's Electronic Billing Link. Retrieved March 6, 2017.
×