{
    "type": "bundle",
    "id": "bundle--09237a38-5c4d-46a5-9879-d0a044b58a48",
    "spec_version": "2.0",
    "objects": [
        {
            "id": "attack-pattern--286cc500-4291-45c2-99a1-e760db176402",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "name": "Acquire and/or use 3rd party infrastructure services",
            "description": "This object is deprecated as its content has been merged into the enterprise domain. Please see the [PRE](http://attack.mitre.org/matrices/enterprise/pre/) matrix for its replacement. The prior content of this page has been preserved [here](https://attack.mitre.org/versions/v7/techniques/T1307).\n\nA wide variety of cloud, virtual private services, hosting, compute, and storage solutions are available. Additionally botnets are available for rent or purchase. Use of these solutions allow an adversary to stage, launch, and execute an attack from infrastructure that does not physically tie back to them and can be rapidly provisioned, modified, and shut down. (Citation: LUCKYCAT2012)",
            "external_references": [
                {
                    "source_name": "mitre-pre-attack",
                    "url": "https://attack.mitre.org/techniques/T1307",
                    "external_id": "T1307"
                },
                {
                    "source_name": "LUCKYCAT2012",
                    "description": "Forward-Looking Threat Research Team. (2012). LUCKYCAT REDUX: Inside an APT Campaign with Multiple Targets in India and Japan. Retrieved March 1, 2017."
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "x_mitre_detectable_by_common_defenses": "No",
            "x_mitre_detectable_by_common_defenses_explanation": "3rd party services highly leveraged by legitimate services, hard to distinguish from background noise.  While an adversary can use their own infrastructure, most know this is a sure- re way to get caught. To add degrees of separation, they can buy or rent from another adversary or accomplice.",
            "x_mitre_difficulty_for_adversary": "Yes",
            "x_mitre_difficulty_for_adversary_explanation": "Wide range of 3rd party services for hosting, rotating, or moving C2, static data, exploits, exfiltration, etc.",
            "x_mitre_version": "1.0",
            "x_mitre_old_attack_id": "PRE-T1084",
            "type": "attack-pattern",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "mitre-pre-attack",
                    "phase_name": "adversary-opsec"
                }
            ],
            "modified": "2020-10-26T13:42:49.342Z",
            "created": "2017-12-14T16:46:06.044Z",
            "x_mitre_deprecated": true
        }
    ]
}