JUST RELEASED: ATT&CK for Industrial Control Systems

Analyze presence of outsourced capabilities

Outsourcing, the arrangement of one company providing goods or services to another company for something that could be done in-house, provides another avenue for an adversary to target. Businesses often have networks, portals, or other technical connections between themselves and their outsourced/partner organizations that could be exploited. Additionally, outsourced/partner organization information could provide opportunities for phishing. [1] [2]

ID: T1303
Tactic: Organizational Weakness Identification
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Much of this analysis can be done using the target's open source website, which is purposely designed to be informational and may not have extensive visitor tracking capabilities.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Analyzing business relationships from information gathering may provide insight into outsourced capabilities. In certain industries, outsourced capabilities or close business partnerships may be advertised on corporate websites.

References

  1. Gregory Scasny. (2015, September 14). Understanding Open Source Intelligence (OSINT) and its relationship to Identity Theft. Retrieved March 1, 2017.
  1. Hon. Jason Chaffetz, Hon. Mark Meadows, Hon. Will Hurd. (2016, September 7). The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation. Retrieved March 28, 2017.