Procure required equipment and software
An adversary will require some physical hardware and software. They may need only a lightweight setup if most of their activities will take place using online infrastructure. Or they may need to build extensive infrastructure if they want to test, communicate, and control other aspects of their activities on their own systems. [1]
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Outside of highly specific or rare hardware, procurement is nearly impossible to detect and track.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: The ease and availability of current hardware and software, mobile phones (cash and go phones), and additional online technology simplify the adversary's process for achieving this technique (possibly without traceability). The adversary has control of the infrastructure and will likely be able to add tools to it or remove them, whether the infrastructure was acquired via hacking or standard computer acquisition, for example AWS (https://aws.amazon.com) or a VPS.
References
- William J. Broad, John Markoff, and David E. Sanger. (2011, January 15). Israeli Test on Worm Called Crucial in Iran Nuclear Delay. Retrieved March 1, 2017.