Obfuscate infrastructure
Obfuscation is hiding the day-to-day building and testing of new tools, chat servers, etc. [1]
ID: T1309
Sub-techniques: No sub-techniques
Tactic: Adversary Opsec
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Similar Techniques by Tactic
| Tactic | Technique |
|---|---|
| Establish & Maintain Infrastructure | Obfuscate infrastructure |
Detection
Detectable by Common Defenses (Yes/No/Partial): Yes
Explanation: Difficult, but defenders are well aware of the technique and attempt to find discrepancies.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: The adversary has a variety of solutions, ranging in difficulty, that can be employed (e.g., BGP hijacking, tunneling, reflection, multi-hop, etc.). The adversary can also use misattributable credentials to obtain servers, build environments, Amazon Web Services (AWS) accounts, etc.
References
- Forward-Looking Threat Research Team. (2012). LUCKYCAT REDUX: Inside an APT Campaign with Multiple Targets in India and Japan. Retrieved March 1, 2017.