cti-ATT-CK-v13.1/ics-attack/x-mitre-tactic/x-mitre-tactic--298fe907-7931-4fd2-8131-2814dd493134.json

{
    "type": "bundle",
    "id": "bundle--00cb1983-fde3-4f67-b940-728391fd147c",
    "spec_version": "2.0",
    "objects": [
        {
            "modified": "2023-03-08T22:12:52.701Z",
            "name": "Inhibit Response Function",
            "description": "The adversary is trying to prevent your safety, protection, quality assurance, and operator intervention functions from responding to a failure, hazard, or unsafe state.\n\nInhibit Response Function consists of techniques that adversaries use to hinder the safeguards put in place for processes and products. This may involve the inhibition of safety, protection, quality assurance, or operator intervention functions to disrupt safeguards that aim to prevent the loss of life, destruction of equipment, and disruption of production. These techniques aim to actively deter and prevent expected alarms and responses that arise due to statuses in the ICS environment. Adversaries may modify or update system logic, or even outright prevent responses with a denial-of-service. They may result in the prevention, destruction, manipulation, or modification of programs, logic, devices, and communications. As prevention functions are generally dormant, reporting and processing functions can appear fine, but may have been altered to prevent failure responses in dangerous scenarios. Unlike [Evasion](https://attack.mitre.org/tactics/TA0103), Inhibit Response Function techniques may be more intrusive, such as actively preventing responses to a known dangerous scenario. Adversaries may use these techniques to follow through with or provide cover for [Impact](https://attack.mitre.org/tactics/TA0105) techniques.",
            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "ics-attack"
            ],
            "x_mitre_version": "1.0",
            "x_mitre_shortname": "inhibit-response-function",
            "type": "x-mitre-tactic",
            "id": "x-mitre-tactic--298fe907-7931-4fd2-8131-2814dd493134",
            "created": "2018-10-17T00:14:20.652Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "revoked": false,
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/tactics/TA0107",
                    "external_id": "TA0107"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "x_mitre_attack_spec_version": "3.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}