Enable an adversary to conduct part or all of their mission.
Facilitate is used to enable an adversary to conduct part or all of their mission. This could include using unpatched versions of operating systems and software, removing end-point detection software, and using weak password. It may also include opening firewall ports, adding proxy capabilities, or introducing elements that an adversary can easily leverage to bypass an obstacle in their operations.
Technique | Description |
---|---|
DTE0001 - Admin Access | Modify a user's administrative privileges. |
DTE0004 - Application Diversity | Present the adversary with a variety of installed applications and services. |
DTE0007 - Behavioral Analytics | Deploy tools that detect unusual system or user behavior. |
DTE0008 - Burn-In | Exercise a target system in a manner where it will generate desirable system artifacts. |
DTE0010 - Decoy Account | Create an account that is used for active defense purposes. |
DTE0011 - Decoy Content | Seed content that can be used to lead an adversary in a specific direction, entice a behavior, etc. |
DTE0012 - Decoy Credentials | Create user credentials that are used for active defense purposes. |
DTE0013 - Decoy Diversity | Deploy a set of decoy systems with different OS and software configurations. |
DTE0015 - Decoy Persona | Develop personal information (aka a backstory) about a user and plant data to support that backstory. |
DTE0017 - Decoy System | Configure a computing system to serve as an attack target or experimental environment. |
DTE0025 - Network Diversity | Use a diverse set of devices on the network to help establish the legitimacy of a decoy network. |
DTE0026 - Network Manipulation | Make changes to network properties and functions to achieve a desired effect. |
DTE0029 - Peripheral Management | Manage peripheral devices used on systems within the network for active defense purposes. |
DTE0030 - Pocket Litter | Place data on a system to reinforce the legitimacy of the system or user. |
DTE0032 - Security Controls | Alter security controls to make the system more or less vulnerable to attack. |
DTE0036 - Software Manipulation | Make changes to a system's software properties and functions to achieve a desired effect. |