{
"type": "bundle",
"id": "bundle--cd538bb1-62d1-425e-9eb1-25854469a90d",
"spec_version": "2.0",
"objects": [
{
"modified": "2023-03-30T20:20:38.285Z",
"name": "Wireless Compromise",
"description": "Adversaries may perform wireless compromise as a method of gaining communications and unauthorized access to a wireless network. Access to a wireless network may be gained through the compromise of a wireless device. (Citation: Alexander Bolshev, Gleb Cherbov July 2014) (Citation: Alexander Bolshev March 2014) Adversaries may also utilize radios and other wireless communication devices on the same frequency as the wireless network. Wireless compromise can be done as an initial access vector from a remote distance. \n\nA Polish student used a modified TV remote controller to gain access to and control over the Lodz city tram system in Poland. (Citation: John Bill May 2017) (Citation: Shelley Smith February 2008) The remote controller device allowed the student to interface with the tram network to modify track settings and override operator control. The adversary may have accomplished this by aligning the controller to the frequency and amplitude of IR control protocol signals. (Citation: Bruce Schneier January 2008) The controller then enabled initial access to the network, allowing the capture and replay of tram signals. (Citation: John Bill May 2017)",
"kill_chain_phases": [
{
"kill_chain_name": "mitre-ics-attack",
"phase_name": "initial-access"
}
],
"x_mitre_contributors": [
"Scott Dougherty"
],
"x_mitre_deprecated": false,
"x_mitre_detection": "",
"x_mitre_domains": [
"ics-attack"
],
"x_mitre_is_subtechnique": false,
"x_mitre_platforms": [
"Control Server",
"Field Controller/RTU/PLC/IED",
"Input/Output Server"
],
"x_mitre_version": "1.2",
"x_mitre_data_sources": [
"Application Log: Application Log Content",
"Logon Session: Logon Session Creation",
"Network Traffic: Network Traffic Flow"
],
"type": "attack-pattern",
"id": "attack-pattern--2877063e-1851-48d2-bcc6-bc1d2733157e",
"created": "2020-05-21T17:43:26.506Z",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"revoked": false,
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/techniques/T0860",
"external_id": "T0860"
},
{
"source_name": "Alexander Bolshev March 2014",
"description": "Alexander Bolshev. (2014, March 11). S4x14: HART As An Attack Vector. Retrieved 2020/01/05.",
"url": "https://www.slideshare.net/dgpeters/17-bolshev-1-13"
},
{
"source_name": "Alexander Bolshev, Gleb Cherbov July 2014",
"description": "Alexander Bolshev, Gleb Cherbov. (2014, July 08). ICSCorsair: How I will PWN your ERP through 4-20 mA current loop. Retrieved 2020/01/05.",
"url": "https://www.blackhat.com/docs/us-14/materials/us-14-Bolshev-ICSCorsair-How-I-Will-PWN-Your-ERP-Through-4-20mA-Current-Loop-WP.pdf"
},
{
"source_name": "Bruce Schneier January 2008",
"description": "Bruce Schneier. (2008, January 17). Hacking Polish Trams. Retrieved 2019/10/17.",
"url": "https://www.schneier.com/blog/archives/2008/01/hacking_the_pol.html"
},
{
"source_name": "John Bill May 2017",
"description": "John Bill. (2017, May 12). Hacked Cyber Security Railways. Retrieved 2019/10/17.",
"url": "https://www.londonreconnections.com/2017/hacked-cyber-security-railways/"
},
{
"source_name": "Shelley Smith February 2008",
"description": "Shelley Smith. (2008, February 12). Teen Hacker in Poland Plays Trains and Derails City Tram System. Retrieved 2019/10/17.",
"url": "https://inhomelandsecurity.com/teen_hacker_in_poland_plays_tr/"
}
],
"object_marking_refs": [
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
],
"x_mitre_attack_spec_version": "3.1.0",
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
}
]
}