TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Assess security posture of physical locations
Assess security posture of physical locations
Physical access may be required for certain types of adversarial actions. [1] [2]
ID: T1302
Sub-techniques:
No sub-techniques
Tactic:
Organizational Weakness Identification
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): Yes
Explanation: Physical security is often unaware of implications of physical access to network. However, some organizations have thorough physical security measures that would log and report attempted incursions, perimeter breaches, unusual RF at a site, etc.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Social engineering and OSINT are still generally successful. Physical locations of offices/sites are easily determined. Monitoring for other sites of interest, such as backup storage vendors, is also easy to accomplish.
References
- Doug MacDonald, Samuel L Clements, Scott W Patrick, Casey Perkins, George Muller, Mary J Lancaster, Will Hutton. (2013, February). Cyber/physical security vulnerability assessment integration. Retrieved March 6, 2017.
- J. Depoy, J. Phelan, P. Sholander, B. Smith, G.B. Varnado and G. Wyss. (2015). RISK ASSESSMENT for PHYSICAL AND CYBER ATTACKS on CRITICAL INFRASTRUCTURES. Retrieved March 6, 2017.
×