JUST RELEASED: ATT&CK for Industrial Control Systems

Install and configure hardware, network, and systems

An adversary needs the necessary skills to set up procured equipment and software to create their desired infrastructure. [1]

ID: T1336
Tactic: Establish & Maintain Infrastructure
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Defender will not have visibility on 3rd party sites unless target is successfully enticed to visit one.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Skills are common to majority of computer scientists and "hackers". Can be easily obtained through contracting if not organic to adversary's organization.

References

  1. Kaspersky Labs. (2013, January 14). Kaspersky Lab Identifies Operation “Red October,” an Advanced Cyber-Espionage Campaign Targeting Diplomatic and Government Institutions Worldwide. Retrieved March 6, 2017.