Acquire and/or use 3rd party infrastructure services
A wide variety of cloud, virtual private services, hosting, compute, and storage solutions are available. Additionally botnets are available for rent or purchase. Use of these solutions allow an adversary to stage, launch, and execute an attack from infrastructure that does not physically tie back to them and can be rapidly provisioned, modified, and shut down. [1]
ID: T1329
Tactic:
Establish & Maintain Infrastructure
Version: 1.0
Similar Techniques by Tactic
| Tactic | Technique |
|---|---|
| Adversary Opsec | Acquire and/or use 3rd party infrastructure services |
Procedure Examples
| Name | Description |
|---|---|
| TEMP.Veles | TEMP.Veles has used Virtual Private Server (VPS) infrastructure. [2] |
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Hard to differentiate from standard business operations.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Wide variety of cloud/VPS/hosting/compute/storage solutions available for adversary to acquire freely or at a low cost.
References
- Max Goncharov. (2015, July 15). Criminal Hideouts for Lease: Bulletproof Hosting Services. Retrieved March 6, 2017.