cti-ATT-CK-v13.1/pre-attack/attack-pattern/attack-pattern--31a57c70-6709-4d06-a473-c3df1f74c1d4.json

{
    "type": "bundle",
    "id": "bundle--01768190-ce05-4ceb-9826-694d85161a4e",
    "spec_version": "2.0",
    "objects": [
        {
            "id": "attack-pattern--31a57c70-6709-4d06-a473-c3df1f74c1d4",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "name": "Assess security posture of physical locations",
            "description": "This object is deprecated as its content has been merged into the enterprise domain. Please see the [PRE](http://attack.mitre.org/matrices/enterprise/pre/) matrix for its replacement. The prior content of this page has been preserved [here](https://attack.mitre.org/versions/v7/techniques/T1302).\n\nPhysical access may be required for certain types of adversarial actions. (Citation: CyberPhysicalAssessment) (Citation: CriticalInfrastructureAssessment)",
            "external_references": [
                {
                    "source_name": "mitre-pre-attack",
                    "url": "https://attack.mitre.org/techniques/T1302",
                    "external_id": "T1302"
                },
                {
                    "source_name": "CyberPhysicalAssessment",
                    "description": "Doug MacDonald, Samuel L Clements, Scott W Patrick, Casey Perkins, George Muller, Mary J Lancaster, Will Hutton. (2013, February). Cyber/physical security vulnerability assessment integration. Retrieved March 6, 2017."
                },
                {
                    "source_name": "CriticalInfrastructureAssessment",
                    "description": "J. Depoy, J. Phelan, P. Sholander, B. Smith, G.B. Varnado and G. Wyss. (2015). RISK ASSESSMENT for PHYSICAL AND CYBER ATTACKS on CRITICAL INFRASTRUCTURES. Retrieved March 6, 2017."
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "x_mitre_detectable_by_common_defenses": "Yes",
            "x_mitre_detectable_by_common_defenses_explanation": "Physical security is often unaware of implications of physical access to network.  However, some organizations have thorough physical security measures that would log and report attempted incursions, perimeter breaches, unusual RF at a site, etc.",
            "x_mitre_difficulty_for_adversary": "Yes",
            "x_mitre_difficulty_for_adversary_explanation": "Social engineering and OSINT are still generally successful.  Physical locations of offices/sites are easily determined.  Monitoring for other sites of interest, such as backup storage vendors, is also easy to accomplish.",
            "x_mitre_version": "1.0",
            "x_mitre_old_attack_id": "PRE-T1079",
            "type": "attack-pattern",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "mitre-pre-attack",
                    "phase_name": "organizational-weakness-identification"
                }
            ],
            "modified": "2020-10-26T13:42:49.342Z",
            "created": "2017-12-14T16:46:06.044Z",
            "x_mitre_deprecated": true
        }
    ]
}