mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2024-12-23 22:39:45 -05:00
40 lines
2.5 KiB
JSON
40 lines
2.5 KiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--e7fb76aa-a303-4635-a5db-c2e8299a03a7",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "attack-pattern",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "attack-pattern--15ca8e62-e179-4dd8-9f5e-427771e915a3",
|
||
|
"created_by_ref": "identity--f1a0f560-2d9e-4c5d-bf47-7e96e805de82",
|
||
|
"created": "2024-08-02T17:12:32.391349Z",
|
||
|
"modified": "2024-08-02T17:12:32.391349Z",
|
||
|
"name": "Think Tank Persona",
|
||
|
"description": "An institution with a think tank persona presents itself as a think tank; an organisation that aims to conduct original research and propose new policies or solutions, especially for social and scientific problems.<br><br> While presenting as a think tank is not an indication of inauthentic behaviour, think tank personas are commonly used by threat actors as a front for their operational activity (T0143.002: Fabricated Persona, T0097.204: Think Tank Persona). They may be created to give legitimacy to narratives and allow them to suggest politically beneficial solutions to societal issues.<br><br> Legitimate think tanks could have a political bias that they may not be transparent about, they could use their persona for malicious purposes, or they could be exploited by threat actors (T0143.001: Authentic Persona, T0097.204: Think Tank Persona). For example, a think tank could take money for using their position to provide legitimacy to a false narrative, or be tricked into doing so without their knowledge.<br><br> <b>Associated Techniques and Sub-techniques</b><br> <b>T0097.107: Researcher Persona:</b> Institutions presenting as think tanks may also present researchers working within the organisation.",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "mitre-attack",
|
||
|
"phase_name": "establish-legitimacy"
|
||
|
}
|
||
|
],
|
||
|
"external_references": [
|
||
|
{
|
||
|
"source_name": "mitre-attack",
|
||
|
"url": "https://github.com/DISARMFoundation/DISARMframeworks/blob/main/generated_pages/techniques/T0097.204.md",
|
||
|
"external_id": "T0097.204"
|
||
|
}
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--f79f25d2-8b96-4580-b169-eb7b613a7c31"
|
||
|
],
|
||
|
"x_mitre_is_subtechnique": true,
|
||
|
"x_mitre_platforms": [
|
||
|
"Windows",
|
||
|
"Linux",
|
||
|
"Mac"
|
||
|
],
|
||
|
"x_mitre_version": "2.1"
|
||
|
}
|
||
|
]
|
||
|
}
|