test_scratch
/
cti-ATT-CK-v13.1
/ics-attack
/attack-pattern
/attack-pattern--5a2610f6-9fff-41e1-bc27-575ca20383d4.json
{ | |
"type": "bundle", | |
"id": "bundle--8f4749a1-5360-4d0a-8ab7-d85f7797039b", | |
"spec_version": "2.0", | |
"objects": [ | |
{ | |
"modified": "2023-03-09T18:38:51.471Z", | |
"name": "Execution through API", | |
"description": "Adversaries may attempt to leverage Application Program Interfaces (APIs) used for communication between control software and the hardware. Specific functionality is often coded into APIs which can be called by software to engage specific functions on a device or other software.", | |
"kill_chain_phases": [ | |
{ | |
"kill_chain_name": "mitre-ics-attack", | |
"phase_name": "execution" | |
} | |
], | |
"x_mitre_attack_spec_version": "2.1.0", | |
"x_mitre_deprecated": false, | |
"x_mitre_detection": "", | |
"x_mitre_domains": [ | |
"ics-attack" | |
], | |
"x_mitre_is_subtechnique": false, | |
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
"x_mitre_platforms": [ | |
"Field Controller/RTU/PLC/IED" | |
], | |
"x_mitre_version": "1.1", | |
"x_mitre_data_sources": [ | |
"Process: OS API Execution" | |
], | |
"type": "attack-pattern", | |
"id": "attack-pattern--5a2610f6-9fff-41e1-bc27-575ca20383d4", | |
"created": "2020-05-21T17:43:26.506Z", | |
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
"revoked": false, | |
"external_references": [ | |
{ | |
"source_name": "mitre-attack", | |
"url": "https://attack.mitre.org/techniques/T0871", | |
"external_id": "T0871" | |
} | |
], | |
"object_marking_refs": [ | |
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
] | |
} | |
] | |
} |