TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Determine physical locations
Determine physical locations
Physical locality information may be used by an adversary to shape social engineering attempts (language, culture, events, weather, etc.) or to plan for physical actions such as dumpster diving or attempting to access a facility. [1]
ID: T1282
Sub-techniques:
No sub-techniques
Tactic:
Organizational Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Adversary searches publicly available sources that list physical locations that cannot be monitored by a defender or are not necessarily monitored (e.g., all IP addresses touching their public web space listing physical locations).
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Most corporations now list their locations on public facing websites. Some challenge still exists to find covert or sensitive locations.
References
- Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.
×