TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Determine operational element
Determine operational element
If going from strategic down to tactical or vice versa, an adversary would next consider the operational element. For example, the specific company within an industry or agency within a government. [1] [2] [3] [4]
ID: T1242
Sub-techniques:
No sub-techniques
Tactic:
Target Selection
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Normally, defender is unable to detect. May change for special use cases or adversary and defender overlays.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: This is the normal adversary targeting cycle where they utilize our poor OPSEC practices to their advantage.
References
- Elizabeth Van Ruitenbeek, Ken Keefe, William H. Sanders, and Carol Muehrcke. (2010). Characterizing the Behavior of Cyber Adversaries: The Means, Motive, and Opportunity of Cyberattacks. Retrieved March 5, 2017.
- Joint Chiefs of Staff. (2013, January 31). Joint Targeting. Retrieved May 19, 2017.
- Joint Chiefs of Staff. (2013, February 5). Cyberspace Operations. Retrieved May 19, 2017.
- Department of Defense. (2015, April). The Department of Defense Cyber Strategy. Retrieved May 19, 2017.
×