TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Determine secondary level tactical element
Determine secondary level tactical element
The secondary level tactical element the adversary seeks to attack is the specific network or area of a network that is vulnerable to attack. Within the corporate network example, the secondary level tactical element might be a SQL server or a domain controller with a known vulnerability. [1] [2] [3] [4]
ID: T1244
Sub-techniques:
No sub-techniques
Tactic:
Target Selection
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Normally, defender is unable to detect. May change for special use cases or adversary and defender overlays.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: This is the normal adversary targeting cycle where they utilize our poor OPSEC practices to their advantage.
References
- Elizabeth Van Ruitenbeek, Ken Keefe, William H. Sanders, and Carol Muehrcke. (2010). Characterizing the Behavior of Cyber Adversaries: The Means, Motive, and Opportunity of Cyberattacks. Retrieved March 5, 2017.
- Joint Chiefs of Staff. (2013, January 31). Joint Targeting. Retrieved May 19, 2017.
- Joint Chiefs of Staff. (2013, February 5). Cyberspace Operations. Retrieved May 19, 2017.
- Department of Defense. (2015, April). The Department of Defense Cyber Strategy. Retrieved May 19, 2017.
×