TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Identify supply chains
Identify supply chains
Supply chains include the people, processes, and technologies used to move a product or service from a supplier to a consumer. Understanding supply chains may provide an adversary with opportunities to exploit organizational relationships. [1] [2]
ID: T1276
Sub-techniques:
No sub-techniques
Tactic:
Organizational Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Similar Techniques by Tactic
Tactic | Technique |
---|---|
People Information Gathering | Identify supply chains |
Technical Information Gathering | Identify supply chains |
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Searching publicly available sources that cannot be monitored by a defender.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): No
Explanation: Requires an intensive process. May be easier in certain industries where there are a limited number of suppliers (e.g., SCADA).
References
- Drew Smith. (2015). Is your supply chain safe from cyberattacks?. Retrieved March 5, 2017.
- CERT-UK. (2016, October 01). Cyber-security risks in the supply chain. Retrieved March 5, 2017.
×