Register to stream ATT&CKcon 2.0 October 29-30

Acquire and/or use 3rd party infrastructure services

A wide variety of cloud, virtual private services, hosting, compute, and storage solutions are available. Additionally botnets are available for rent or purchase. Use of these solutions allow an adversary to stage, launch, and execute an attack from infrastructure that does not physically tie back to them and can be rapidly provisioned, modified, and shut down. [1]

ID: T1329
Tactic: Establish & Maintain Infrastructure
Version: 1.0

Similar Techniques by Tactic

Tactic Technique
Adversary Opsec Acquire and/or use 3rd party infrastructure services

Procedure Examples

Name Description
TEMP.Veles TEMP.Veles has used Virtual Private Server (VPS) infrastructure. [2]

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Hard to differentiate from standard business operations.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Wide variety of cloud/VPS/hosting/compute/storage solutions available for adversary to acquire freely or at a low cost.

References

  1. Max Goncharov. (2015, July 15). Criminal Hideouts for Lease: Bulletproof Hosting Services. Retrieved March 6, 2017.