Secure and protect infrastructure

An adversary may secure and protect their infrastructure just as defenders do. This could include the use of VPNs, security software, logging and monitoring, passwords, or other defensive measures. [1]

ID: T1317

Tactic: Adversary Opsec

Version: 1.0


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Indistinguishable from standard security practices employed by legitimate operators.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Adversary benefits from our own advances, techniques, and software when securing and protecting their own development infrastructure.


  1. Brian Krebs. (2014, August 4). Chinese VPN Service as Attack Platform?. Retrieved March 6, 2017.