Obfuscate infrastructure
Obfuscation is hiding the day-to-day building and testing of new tools, chat servers, etc. [1]
ID: T1309
Tactic: Adversary Opsec
Version: 1.0
Similar Techniques by Tactic
| Tactic | Technique |
|---|---|
| Establish & Maintain Infrastructure | Obfuscate infrastructure |
Detection
Detectable by Common Defenses (Yes/No/Partial): YesExplanation: Difficult, but defender is well aware of technique and attempts to find discrepancies.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): YesExplanation: Adversary has a variety of solutions, ranging in difficulty, that can be employed (e.g., BGP hijacking, tunneling, reflection, multi-hop, etc.)Adversary can also use misattributable credentials to obtain servers, build environment, [https://aws.amazon.com Amazon Web Services] (AWS) accounts, etc.
References
- Forward-Looking Threat Research Team. (2012). LUCKYCAT REDUX: Inside an APT Campaign with Multiple Targets in India and Japan. Retrieved March 1, 2017.