cti-ATT-CK-v13.1/pre-attack/attack-pattern/attack-pattern--2c8a9df4-52a9-4770-94b3-5e95ab7d59f9.json

{
    "type": "bundle",
    "id": "bundle--5da2b4d6-bb52-497c-8ba6-16b27b832433",
    "spec_version": "2.0",
    "objects": [
        {
            "id": "attack-pattern--2c8a9df4-52a9-4770-94b3-5e95ab7d59f9",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "name": "Leverage compromised 3rd party resources",
            "description": "**This technique has been deprecated. Please see ATT&CK's Initial Access and Execution tactics for replacement techniques.**\n\nThe utilization of resources not owned by the adversary to launch exploits or operations. This includes utilizing equipment that was previously compromised or leveraging access  gained by other methods (such as compromising an employee at a business partner location). (Citation: CitizenLabGreatCannon)",
            "external_references": [
                {
                    "source_name": "mitre-pre-attack",
                    "external_id": "T1375",
                    "url": "https://attack.mitre.org/techniques/T1375"
                },
                {
                    "description": "Bill Marczak, Jakub Dalek, John Scott-Railton, Ron Deibert, Sarah McKune. (2015, April 10). China\u2019s Great Cannon. Retrieved March 9, 2017.",
                    "source_name": "CitizenLabGreatCannon"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "type": "attack-pattern",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "mitre-pre-attack",
                    "phase_name": "launch"
                }
            ],
            "modified": "2020-03-30T14:21:59.520Z",
            "created": "2017-12-14T16:46:06.044Z",
            "x_mitre_is_subtechnique": false,
            "x_mitre_old_attack_id": "PRE-T1152",
            "x_mitre_version": "1.0",
            "x_mitre_difficulty_for_adversary_explanation": "Conducting technique requires either nation-state level capabilities or large amounts of financing to coordinate multiple 3rd party resources to gain desired insight.",
            "x_mitre_difficulty_for_adversary": "No",
            "x_mitre_detectable_by_common_defenses_explanation": "While possible to detect, it requires a broader vantage point than is typical that provides increased insight and conducts extensive data analysis and correlation between events.",
            "x_mitre_deprecated": true,
            "x_mitre_detectable_by_common_defenses": "No"
        }
    ]
}