mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2024-12-25 15:29:45 -05:00
Merge pull request #4 from DISARMFoundation/subtechniques
Subtechniques
This commit is contained in:
commit
fc124b877c
@ -11,7 +11,7 @@ from stix2 import (Bundle, AttackPattern, ThreatActor, IntrusionSet, Relationshi
|
||||
from stix2.properties import (ReferenceProperty, ListProperty, StringProperty, TimestampProperty, BooleanProperty, IntegerProperty)
|
||||
|
||||
import helpers
|
||||
from objects import tactic, technique, matrix, bundle
|
||||
from objects import tactic, technique, matrix, bundle, relationship
|
||||
from helpers import xlsx, file
|
||||
|
||||
|
||||
@ -25,18 +25,19 @@ def generate_disarm_stix():
|
||||
|
||||
tactics = tactic.make_disarm_tactics(data)
|
||||
techniques = technique.make_disarm_techniques(data)
|
||||
subtechniques = technique.make_disarm_subtechniques(data)
|
||||
subtechnique_relationships = relationship.make_disarm_subtechnique_relationships(techniques, subtechniques)
|
||||
navigator_matrix = matrix.make_disarm_matrix(tactics)
|
||||
|
||||
stix_objects = []
|
||||
stix_objects.append(tactics)
|
||||
stix_objects.append(techniques)
|
||||
stix_objects.append(subtechniques)
|
||||
stix_objects.append(subtechnique_relationships)
|
||||
stix_objects.append(navigator_matrix)
|
||||
|
||||
stix_objects = [item for sublist in stix_objects for item in sublist]
|
||||
|
||||
# for i in stix_objects:
|
||||
# print(i)
|
||||
|
||||
disarm_bundle = bundle.make_stix_bundle(stix_objects)
|
||||
|
||||
helpers.file.clean_output_dir()
|
||||
@ -44,6 +45,5 @@ def generate_disarm_stix():
|
||||
helpers.file.write_bundle(disarm_bundle, "DISARM")
|
||||
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
generate_disarm_stix()
|
@ -34,11 +34,6 @@ def make_disarm_matrix(tactics):
|
||||
]
|
||||
name = 'DISARM Framework'
|
||||
|
||||
# print(tactics)
|
||||
# p =[i.id for i in tactics]
|
||||
# r = properties.ReferenceProperty()
|
||||
# f = properties.ListProperty(r)
|
||||
|
||||
tactic_refs = [i.id for i in tactics]
|
||||
|
||||
matrix = Matrix(
|
||||
|
@ -19,3 +19,27 @@ def make_disarm_subtechnique_relationship(source, target):
|
||||
)
|
||||
|
||||
return relationship
|
||||
|
||||
|
||||
def make_disarm_subtechnique_relationships(techniques, subtechniques):
|
||||
"""Creates a map of technique and sub-technique.
|
||||
|
||||
Args:
|
||||
techniques (list): List of STIX2 technique objects.
|
||||
subtechniques (list): List of STIX2 subtechnique objects.
|
||||
|
||||
Returns:
|
||||
A Relationship object.
|
||||
|
||||
"""
|
||||
technique_ids = {}
|
||||
for technique in techniques:
|
||||
technique_ids[technique["external_references"][0]["external_id"]] = technique["id"]
|
||||
|
||||
relationships = []
|
||||
for subtechnique in subtechniques:
|
||||
technique_id = technique_ids[subtechnique["external_references"][0]["external_id"].split(".")[0]]
|
||||
relationship = make_disarm_subtechnique_relationship(subtechnique["id"], technique_id)
|
||||
relationships.append(relationship)
|
||||
|
||||
return relationships
|
||||
|
@ -3,6 +3,11 @@ from stix2 import CustomObject, properties, ExternalReference
|
||||
import objects.marking_definition
|
||||
from objects import identity, marking_definition
|
||||
|
||||
valid_tactics = ["plan-strategy", "plan-objectives", "microtarget", "develop-content",
|
||||
"select-channels-and-affordances", "conduct-pump-priming", "deliver-content",
|
||||
"drive-offline-activity", "persist-in-the-information-environment", "assess-effectiveness",
|
||||
"target-audience-analysis", "develop-narratives", "establish-social-assets", "establish-legitimacy",
|
||||
"maximize-exposure", "drive-online-harms"]
|
||||
|
||||
@CustomObject('x-mitre-tactic', [
|
||||
('name', properties.StringProperty(required=True)),
|
||||
@ -12,14 +17,8 @@ from objects import identity, marking_definition
|
||||
])
|
||||
class Tactic(object):
|
||||
def __init__(self, x_mitre_shortname=None, **kwargs):
|
||||
if x_mitre_shortname and x_mitre_shortname not in ["strategic-planning", "objective-planning",
|
||||
"develop-people", "develop-persona",
|
||||
"develop-networks", "microtargeting", "develop-content",
|
||||
"channel-selection", "pump-priming", "exposure",
|
||||
"go-physical",
|
||||
"persistence", "measure-effectiveness"]:
|
||||
# raise ValueError("'%s' is not a recognized DISARM Tactic." % x_mitre_shortname)
|
||||
print("'%s' is not a recognized DISARM Tactic." % x_mitre_shortname)
|
||||
if x_mitre_shortname and x_mitre_shortname not in valid_tactics:
|
||||
raise ValueError("'%s' is not a recognized DISARM Tactic." % x_mitre_shortname)
|
||||
|
||||
|
||||
def make_disarm_tactics(data):
|
||||
@ -54,4 +53,3 @@ def make_disarm_tactics(data):
|
||||
tactics.append(tactic)
|
||||
|
||||
return tactics
|
||||
|
||||
|
@ -19,7 +19,7 @@ def make_disarm_techniques(data):
|
||||
for t in data["techniques"].values.tolist():
|
||||
external_references = [
|
||||
{
|
||||
'external_id': f'{t[0]}',
|
||||
'external_id': f'{t[0]}'.strip(),
|
||||
'source_name': 'DISARM',
|
||||
'url': f'https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/{t[0]}.md'
|
||||
}
|
||||
@ -50,7 +50,7 @@ def make_disarm_techniques(data):
|
||||
kill_chain_phases=kill_chain_phases,
|
||||
custom_properties={
|
||||
'x_mitre_platforms': x_mitre_platforms,
|
||||
'x_mitre_version': "1,0",
|
||||
'x_mitre_version': "1.0",
|
||||
'x_mitre_is_subtechnique': x_mitre_is_subtechnique
|
||||
}
|
||||
)
|
||||
@ -59,13 +59,57 @@ def make_disarm_techniques(data):
|
||||
return techniques
|
||||
|
||||
|
||||
def make_subtechnique_map(techinques):
|
||||
def make_disarm_subtechniques(data):
|
||||
"""
|
||||
|
||||
Args:
|
||||
techinques:
|
||||
data: The xlsx subtechnique sheet.
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
pass
|
||||
tacdict = pd.Series(data["tactics"].name.values, index=data["tactics"].disarm_id).to_dict()
|
||||
techdict = pd.Series(data["techniques"].tactic_id.values, index=data["techniques"].disarm_id).to_dict()
|
||||
|
||||
subtechniques = []
|
||||
for t in data["subtechniques"].values.tolist():
|
||||
external_references = [
|
||||
{
|
||||
'external_id': f'{t[0]}'.strip(),
|
||||
'source_name': 'DISARM',
|
||||
'url': f'https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/{t[0]}.md'
|
||||
}
|
||||
]
|
||||
|
||||
kill_chain_phases = [
|
||||
{
|
||||
'phase_name': tacdict[techdict[t[2]]].replace(' ', '-').lower(),
|
||||
'kill_chain_name': 'mitre-attack'
|
||||
}
|
||||
]
|
||||
|
||||
subtechnique = t[0].split(".")
|
||||
x_mitre_is_subtechnique = False
|
||||
if len(subtechnique) > 1:
|
||||
x_mitre_is_subtechnique = True
|
||||
|
||||
# MITRE ATT&CK Navigator expect techniques to have at least one of these platforms.
|
||||
# Without one, the technique will not render in the Navigator.
|
||||
x_mitre_platforms = 'Windows', 'Linux', 'Mac'
|
||||
|
||||
technique = AttackPattern(
|
||||
name=f"{t[1]}",
|
||||
description=f"{t[3]}",
|
||||
external_references=external_references,
|
||||
object_marking_refs=objects.marking_definition.make_disarm_marking_definition(),
|
||||
created_by_ref=objects.identity.make_disarm_identity(),
|
||||
kill_chain_phases=kill_chain_phases,
|
||||
custom_properties={
|
||||
'x_mitre_platforms': x_mitre_platforms,
|
||||
'x_mitre_version': "1.0",
|
||||
'x_mitre_is_subtechnique': x_mitre_is_subtechnique
|
||||
}
|
||||
)
|
||||
|
||||
subtechniques.append(technique)
|
||||
return subtechniques
|
@ -18,7 +18,7 @@
|
||||
},
|
||||
{
|
||||
"cell_type": "code",
|
||||
"execution_count": 1,
|
||||
"execution_count": 2,
|
||||
"metadata": {
|
||||
"scrolled": true
|
||||
},
|
||||
@ -35,248 +35,18 @@
|
||||
"updated ../generated_pages/phases_index.md\n",
|
||||
"Temp: objecttype tactic\n",
|
||||
"updated ../generated_pages/tactics_index.md\n",
|
||||
"Updating ../generated_pages/tactics/TA01.md\n",
|
||||
"Updating ../generated_pages/tactics/TA02.md\n",
|
||||
"Updating ../generated_pages/tactics/TA05.md\n",
|
||||
"Updating ../generated_pages/tactics/TA06.md\n",
|
||||
"Updating ../generated_pages/tactics/TA07.md\n",
|
||||
"Updating ../generated_pages/tactics/TA08.md\n",
|
||||
"Updating ../generated_pages/tactics/TA09.md\n",
|
||||
"Updating ../generated_pages/tactics/TA10.md\n",
|
||||
"Updating ../generated_pages/tactics/TA11.md\n",
|
||||
"Updating ../generated_pages/tactics/TA12.md\n",
|
||||
"Updating ../generated_pages/tactics/TA15.md\n",
|
||||
"Temp: objecttype technique\n",
|
||||
"updated ../generated_pages/techniques_index.md\n",
|
||||
"Updating ../generated_pages/techniques/T0002.md\n",
|
||||
"Updating ../generated_pages/techniques/T0003.md\n",
|
||||
"Updating ../generated_pages/techniques/T0004.md\n",
|
||||
"Updating ../generated_pages/techniques/T0007.md\n",
|
||||
"Updating ../generated_pages/techniques/T0009.md\n",
|
||||
"Updating ../generated_pages/techniques/T0010.md\n",
|
||||
"Updating ../generated_pages/techniques/T0011.md\n",
|
||||
"Updating ../generated_pages/techniques/T0013.md\n",
|
||||
"Updating ../generated_pages/techniques/T0014.md\n",
|
||||
"Updating ../generated_pages/techniques/T0015.md\n",
|
||||
"Updating ../generated_pages/techniques/T0016.md\n",
|
||||
"Updating ../generated_pages/techniques/T0017.md\n",
|
||||
"Updating ../generated_pages/techniques/T0018.md\n",
|
||||
"Updating ../generated_pages/techniques/T0019.md\n",
|
||||
"Updating ../generated_pages/techniques/T0020.md\n",
|
||||
"Updating ../generated_pages/techniques/T0022.md\n",
|
||||
"Updating ../generated_pages/techniques/T0023.md\n",
|
||||
"Updating ../generated_pages/techniques/T0029.md\n",
|
||||
"Updating ../generated_pages/techniques/T0040.md\n",
|
||||
"Updating ../generated_pages/techniques/T0042.md\n",
|
||||
"Updating ../generated_pages/techniques/T0043.md\n",
|
||||
"Updating ../generated_pages/techniques/T0044.md\n",
|
||||
"Updating ../generated_pages/techniques/T0045.md\n",
|
||||
"Updating ../generated_pages/techniques/T0046.md\n",
|
||||
"Updating ../generated_pages/techniques/T0047.md\n",
|
||||
"Updating ../generated_pages/techniques/T0048.md\n",
|
||||
"Updating ../generated_pages/techniques/T0049.md\n",
|
||||
"Updating ../generated_pages/techniques/T0057.md\n",
|
||||
"Updating ../generated_pages/techniques/T0059.md\n",
|
||||
"Updating ../generated_pages/techniques/T0060.md\n",
|
||||
"Updating ../generated_pages/techniques/T0061.md\n",
|
||||
"Temp: objecttype task\n",
|
||||
"updated ../generated_pages/tasks_index.md\n",
|
||||
"Temp: objecttype incident\n",
|
||||
"updated ../generated_pages/incidents_index.md\n",
|
||||
"Updating ../generated_pages/incidents/I00002.md\n",
|
||||
"Updating ../generated_pages/incidents/I00005.md\n",
|
||||
"Updating ../generated_pages/incidents/I00006.md\n",
|
||||
"Updating ../generated_pages/incidents/I00007.md\n",
|
||||
"Updating ../generated_pages/incidents/I00009.md\n",
|
||||
"Updating ../generated_pages/incidents/I00010.md\n",
|
||||
"Updating ../generated_pages/incidents/I00015.md\n",
|
||||
"Updating ../generated_pages/incidents/I00017.md\n",
|
||||
"Updating ../generated_pages/incidents/I00022.md\n",
|
||||
"Updating ../generated_pages/incidents/I00029.md\n",
|
||||
"Updating ../generated_pages/incidents/I00032.md\n",
|
||||
"Updating ../generated_pages/incidents/I00033.md\n",
|
||||
"Updating ../generated_pages/incidents/I00034.md\n",
|
||||
"Updating ../generated_pages/incidents/I00042.md\n",
|
||||
"Updating ../generated_pages/incidents/I00044.md\n",
|
||||
"Updating ../generated_pages/incidents/I00047.md\n",
|
||||
"Updating ../generated_pages/incidents/I00049.md\n",
|
||||
"Updating ../generated_pages/incidents/I00050.md\n",
|
||||
"Updating ../generated_pages/incidents/I00051.md\n",
|
||||
"Updating ../generated_pages/incidents/I00053.md\n",
|
||||
"Updating ../generated_pages/incidents/I00056.md\n",
|
||||
"Updating ../generated_pages/incidents/I00063.md\n",
|
||||
"Temp: objecttype counter\n",
|
||||
"updated ../generated_pages/counters_index.md\n",
|
||||
"Updating ../generated_pages/counters/C00006.md\n",
|
||||
"Updating ../generated_pages/counters/C00008.md\n",
|
||||
"Updating ../generated_pages/counters/C00009.md\n",
|
||||
"Updating ../generated_pages/counters/C00010.md\n",
|
||||
"Updating ../generated_pages/counters/C00011.md\n",
|
||||
"Updating ../generated_pages/counters/C00012.md\n",
|
||||
"Updating ../generated_pages/counters/C00013.md\n",
|
||||
"Updating ../generated_pages/counters/C00014.md\n",
|
||||
"Updating ../generated_pages/counters/C00016.md\n",
|
||||
"Updating ../generated_pages/counters/C00017.md\n",
|
||||
"Updating ../generated_pages/counters/C00019.md\n",
|
||||
"Updating ../generated_pages/counters/C00021.md\n",
|
||||
"Updating ../generated_pages/counters/C00022.md\n",
|
||||
"Updating ../generated_pages/counters/C00024.md\n",
|
||||
"Updating ../generated_pages/counters/C00026.md\n",
|
||||
"Updating ../generated_pages/counters/C00027.md\n",
|
||||
"Updating ../generated_pages/counters/C00029.md\n",
|
||||
"Updating ../generated_pages/counters/C00030.md\n",
|
||||
"Updating ../generated_pages/counters/C00031.md\n",
|
||||
"Updating ../generated_pages/counters/C00034.md\n",
|
||||
"Updating ../generated_pages/counters/C00036.md\n",
|
||||
"Updating ../generated_pages/counters/C00040.md\n",
|
||||
"Updating ../generated_pages/counters/C00042.md\n",
|
||||
"Updating ../generated_pages/counters/C00044.md\n",
|
||||
"Updating ../generated_pages/counters/C00046.md\n",
|
||||
"Updating ../generated_pages/counters/C00048.md\n",
|
||||
"Updating ../generated_pages/counters/C00051.md\n",
|
||||
"Updating ../generated_pages/counters/C00052.md\n",
|
||||
"Updating ../generated_pages/counters/C00053.md\n",
|
||||
"Updating ../generated_pages/counters/C00058.md\n",
|
||||
"Updating ../generated_pages/counters/C00059.md\n",
|
||||
"Updating ../generated_pages/counters/C00060.md\n",
|
||||
"Updating ../generated_pages/counters/C00065.md\n",
|
||||
"Updating ../generated_pages/counters/C00066.md\n",
|
||||
"Updating ../generated_pages/counters/C00067.md\n",
|
||||
"Updating ../generated_pages/counters/C00070.md\n",
|
||||
"Updating ../generated_pages/counters/C00071.md\n",
|
||||
"Updating ../generated_pages/counters/C00072.md\n",
|
||||
"Updating ../generated_pages/counters/C00073.md\n",
|
||||
"Updating ../generated_pages/counters/C00074.md\n",
|
||||
"Updating ../generated_pages/counters/C00076.md\n",
|
||||
"Updating ../generated_pages/counters/C00078.md\n",
|
||||
"Updating ../generated_pages/counters/C00080.md\n",
|
||||
"Updating ../generated_pages/counters/C00081.md\n",
|
||||
"Updating ../generated_pages/counters/C00082.md\n",
|
||||
"Updating ../generated_pages/counters/C00084.md\n",
|
||||
"Updating ../generated_pages/counters/C00085.md\n",
|
||||
"Updating ../generated_pages/counters/C00086.md\n",
|
||||
"Updating ../generated_pages/counters/C00087.md\n",
|
||||
"Updating ../generated_pages/counters/C00090.md\n",
|
||||
"Updating ../generated_pages/counters/C00091.md\n",
|
||||
"Updating ../generated_pages/counters/C00092.md\n",
|
||||
"Updating ../generated_pages/counters/C00093.md\n",
|
||||
"Updating ../generated_pages/counters/C00096.md\n",
|
||||
"Updating ../generated_pages/counters/C00097.md\n",
|
||||
"Updating ../generated_pages/counters/C00098.md\n",
|
||||
"Updating ../generated_pages/counters/C00099.md\n",
|
||||
"Updating ../generated_pages/counters/C00101.md\n",
|
||||
"Updating ../generated_pages/counters/C00103.md\n",
|
||||
"Updating ../generated_pages/counters/C00105.md\n",
|
||||
"Updating ../generated_pages/counters/C00106.md\n",
|
||||
"Updating ../generated_pages/counters/C00107.md\n",
|
||||
"Updating ../generated_pages/counters/C00111.md\n",
|
||||
"Updating ../generated_pages/counters/C00112.md\n",
|
||||
"Updating ../generated_pages/counters/C00113.md\n",
|
||||
"Updating ../generated_pages/counters/C00114.md\n",
|
||||
"Updating ../generated_pages/counters/C00115.md\n",
|
||||
"Updating ../generated_pages/counters/C00117.md\n",
|
||||
"Updating ../generated_pages/counters/C00118.md\n",
|
||||
"Updating ../generated_pages/counters/C00119.md\n",
|
||||
"Updating ../generated_pages/counters/C00120.md\n",
|
||||
"Updating ../generated_pages/counters/C00121.md\n",
|
||||
"Updating ../generated_pages/counters/C00122.md\n",
|
||||
"Updating ../generated_pages/counters/C00123.md\n",
|
||||
"Updating ../generated_pages/counters/C00124.md\n",
|
||||
"Updating ../generated_pages/counters/C00125.md\n",
|
||||
"Updating ../generated_pages/counters/C00126.md\n",
|
||||
"Updating ../generated_pages/counters/C00128.md\n",
|
||||
"Updating ../generated_pages/counters/C00129.md\n",
|
||||
"Updating ../generated_pages/counters/C00130.md\n",
|
||||
"Updating ../generated_pages/counters/C00131.md\n",
|
||||
"Updating ../generated_pages/counters/C00133.md\n",
|
||||
"Updating ../generated_pages/counters/C00135.md\n",
|
||||
"Updating ../generated_pages/counters/C00136.md\n",
|
||||
"Updating ../generated_pages/counters/C00138.md\n",
|
||||
"Updating ../generated_pages/counters/C00142.md\n",
|
||||
"Updating ../generated_pages/counters/C00143.md\n",
|
||||
"Updating ../generated_pages/counters/C00147.md\n",
|
||||
"Updating ../generated_pages/counters/C00148.md\n",
|
||||
"Updating ../generated_pages/counters/C00149.md\n",
|
||||
"Updating ../generated_pages/counters/C00153.md\n",
|
||||
"Updating ../generated_pages/counters/C00154.md\n",
|
||||
"Updating ../generated_pages/counters/C00155.md\n",
|
||||
"Updating ../generated_pages/counters/C00156.md\n",
|
||||
"Updating ../generated_pages/counters/C00160.md\n",
|
||||
"Updating ../generated_pages/counters/C00161.md\n",
|
||||
"Updating ../generated_pages/counters/C00162.md\n",
|
||||
"Updating ../generated_pages/counters/C00164.md\n",
|
||||
"Updating ../generated_pages/counters/C00169.md\n",
|
||||
"Updating ../generated_pages/counters/C00172.md\n",
|
||||
"Updating ../generated_pages/counters/C00174.md\n",
|
||||
"Updating ../generated_pages/counters/C00176.md\n"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "stdout",
|
||||
"output_type": "stream",
|
||||
"text": [
|
||||
"Updating ../generated_pages/counters/C00178.md\n",
|
||||
"Updating ../generated_pages/counters/C00182.md\n",
|
||||
"Updating ../generated_pages/counters/C00184.md\n",
|
||||
"Updating ../generated_pages/counters/C00188.md\n",
|
||||
"Updating ../generated_pages/counters/C00189.md\n",
|
||||
"Updating ../generated_pages/counters/C00190.md\n",
|
||||
"Updating ../generated_pages/counters/C00195.md\n",
|
||||
"Updating ../generated_pages/counters/C00197.md\n",
|
||||
"Updating ../generated_pages/counters/C00200.md\n",
|
||||
"Updating ../generated_pages/counters/C00203.md\n",
|
||||
"Updating ../generated_pages/counters/C00205.md\n",
|
||||
"Updating ../generated_pages/counters/C00207.md\n",
|
||||
"Updating ../generated_pages/counters/C00211.md\n",
|
||||
"Updating ../generated_pages/counters/C00212.md\n",
|
||||
"Updating ../generated_pages/counters/C00216.md\n",
|
||||
"Temp: objecttype metatechnique\n",
|
||||
"updated ../generated_pages/metatechniques_index.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M001.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M002.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M003.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M004.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M005.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M006.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M007.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M008.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M009.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M010.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M011.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M012.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M013.md\n",
|
||||
"Updating ../generated_pages/metatechniques/M014.md\n",
|
||||
"Temp: objecttype actortype\n",
|
||||
"updated ../generated_pages/actortypes_index.md\n",
|
||||
"Updating ../generated_pages/actortypes/A001.md\n",
|
||||
"Updating ../generated_pages/actortypes/A003.md\n",
|
||||
"Updating ../generated_pages/actortypes/A004.md\n",
|
||||
"Updating ../generated_pages/actortypes/A005.md\n",
|
||||
"Updating ../generated_pages/actortypes/A006.md\n",
|
||||
"Updating ../generated_pages/actortypes/A007.md\n",
|
||||
"Updating ../generated_pages/actortypes/A008.md\n",
|
||||
"Updating ../generated_pages/actortypes/A009.md\n",
|
||||
"Updating ../generated_pages/actortypes/A010.md\n",
|
||||
"Updating ../generated_pages/actortypes/A012.md\n",
|
||||
"Updating ../generated_pages/actortypes/A013.md\n",
|
||||
"Updating ../generated_pages/actortypes/A014.md\n",
|
||||
"Updating ../generated_pages/actortypes/A015.md\n",
|
||||
"Updating ../generated_pages/actortypes/A016.md\n",
|
||||
"Updating ../generated_pages/actortypes/A017.md\n",
|
||||
"Updating ../generated_pages/actortypes/A018.md\n",
|
||||
"Updating ../generated_pages/actortypes/A019.md\n",
|
||||
"Updating ../generated_pages/actortypes/A020.md\n",
|
||||
"Updating ../generated_pages/actortypes/A021.md\n",
|
||||
"Updating ../generated_pages/actortypes/A023.md\n",
|
||||
"Updating ../generated_pages/actortypes/A024.md\n",
|
||||
"Updating ../generated_pages/actortypes/A025.md\n",
|
||||
"Updating ../generated_pages/actortypes/A026.md\n",
|
||||
"Updating ../generated_pages/actortypes/A027.md\n",
|
||||
"Updating ../generated_pages/actortypes/A028.md\n",
|
||||
"Updating ../generated_pages/actortypes/A029.md\n",
|
||||
"Updating ../generated_pages/actortypes/A031.md\n",
|
||||
"Updating ../generated_pages/actortypes/A032.md\n",
|
||||
"Updating ../generated_pages/actortypes/A033.md\n",
|
||||
"updated ../generated_pages/responsetype_index.md\n",
|
||||
"updated ../generated_pages/detections_index.md\n",
|
||||
"updated ../generated_pages/tactics_by_responsetype_table.md\n",
|
||||
@ -300,31 +70,9 @@
|
||||
},
|
||||
{
|
||||
"cell_type": "code",
|
||||
"execution_count": 2,
|
||||
"execution_count": 5,
|
||||
"metadata": {},
|
||||
"outputs": [
|
||||
{
|
||||
"name": "stdout",
|
||||
"output_type": "stream",
|
||||
"text": [
|
||||
"'plan-strategy' is not a recognized DISARM Tactic.\n",
|
||||
"'plan-objectives' is not a recognized DISARM Tactic.\n",
|
||||
"'microtarget' is not a recognized DISARM Tactic.\n",
|
||||
"'select-channels-and-affordances' is not a recognized DISARM Tactic.\n",
|
||||
"'conduct-pump-priming' is not a recognized DISARM Tactic.\n",
|
||||
"'deliver-content' is not a recognized DISARM Tactic.\n",
|
||||
"'drive-offline-activity' is not a recognized DISARM Tactic.\n",
|
||||
"'persist-in-the-information-environment' is not a recognized DISARM Tactic.\n",
|
||||
"'assess-effectiveness' is not a recognized DISARM Tactic.\n",
|
||||
"'target-audience-analysis' is not a recognized DISARM Tactic.\n",
|
||||
"'develop-narratives' is not a recognized DISARM Tactic.\n",
|
||||
"'establish-social-assets' is not a recognized DISARM Tactic.\n",
|
||||
"'establish-legitimacy' is not a recognized DISARM Tactic.\n",
|
||||
"'maximize-exposure' is not a recognized DISARM Tactic.\n",
|
||||
"'drive-online-harms' is not a recognized DISARM Tactic.\n"
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"import sys\n",
|
||||
"sys.path.insert(0, \"DISARM-STIX2\")\n",
|
||||
|
Binary file not shown.
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--22790942-b58a-4592-8fdc-208ef85865a6",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0148f9dd-21af-4cd1-a317-4bbefc2d3dbf",
|
||||
"created_by_ref": "identity--09940f92-b071-4771-954b-fc892ada6863",
|
||||
"created": "2022-07-02T04:22:03.128513Z",
|
||||
"modified": "2022-07-02T04:22:03.128513Z",
|
||||
"name": "Create dedicated hashtag",
|
||||
"description": "Create a campaign/incident specific hashtag.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0104.006.md",
|
||||
"external_id": "T0104.006"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--302f59a3-bc17-4905-86f7-be4530cdcfe1"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--82966992-13b3-4969-87e1-9f1c12e6e1e6",
|
||||
"id": "bundle--ad505d38-5c8f-4fc0-81f4-0616e71a9fa7",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--7d9d64b6-7ffe-43af-8ef2-a9995c3a04fe",
|
||||
"created_by_ref": "identity--e84c2b80-51c8-4352-8897-64a4395c4664",
|
||||
"created": "2022-07-01T17:31:14.959768Z",
|
||||
"modified": "2022-07-01T17:31:14.959768Z",
|
||||
"id": "attack-pattern--01a0834b-c185-4ab4-811e-3a3ecd234f71",
|
||||
"created_by_ref": "identity--80b01bdf-d8c9-4c1a-bcaa-9b95361cdba0",
|
||||
"created": "2022-07-02T04:22:03.086614Z",
|
||||
"modified": "2022-07-02T04:22:03.086614Z",
|
||||
"name": "Obtain Private Documents",
|
||||
"description": "TA06",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a38b6652-27e6-49b8-8446-5ae50bb53fa1"
|
||||
"marking-definition--3f66a390-8323-4ae1-a279-e0829041aac7"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--c9df0bc5-1bf8-4387-a98b-b5b9e06ed24d",
|
||||
"id": "bundle--aaf60751-16e7-4073-94b5-1c6a10ebf29f",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--c09a6467-ad8c-41d3-8dad-990048fe8cdd",
|
||||
"created_by_ref": "identity--afc48f88-907d-4563-8cb0-cd0cb03c0c09",
|
||||
"created": "2022-07-01T17:31:14.940425Z",
|
||||
"modified": "2022-07-01T17:31:14.940425Z",
|
||||
"id": "attack-pattern--0577caea-3336-48cd-bc1a-177e3fbb1906",
|
||||
"created_by_ref": "identity--8640ea23-915e-41cb-9dbd-c81bf70b9b5a",
|
||||
"created": "2022-07-02T04:22:03.073031Z",
|
||||
"modified": "2022-07-02T04:22:03.073031Z",
|
||||
"name": "Create Clickbait",
|
||||
"description": "TA05",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--3710d797-7ccf-4f87-84e7-5e7f283ec71f"
|
||||
"marking-definition--5510c27d-c910-4dbf-b594-3d01b57b12a5"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--755d9fa6-5793-4203-ac7a-fed491e37431",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--05b27309-f960-4bdb-8f7c-81a6d3df74fe",
|
||||
"created_by_ref": "identity--3cdf67d3-7108-48de-b396-357a5cea96be",
|
||||
"created": "2022-07-02T04:22:03.105577Z",
|
||||
"modified": "2022-07-02T04:22:03.105577Z",
|
||||
"name": "Identify Wedge Issues",
|
||||
"description": "A wedge issue is a divisive political issue, usually concerning a social phenomenon, that divides individuals along a defined line. An influence operation may exploit wedge issues by intentionally polarizing the public along the wedge issue line and encouraging opposition between factions.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0081.006.md",
|
||||
"external_id": "T0081.006"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a0933792-0d21-4e92-81f0-9bf587950bc5"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--9b80ceda-a633-462c-b707-3e3fc153d330",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--07693c90-df6d-43ae-9d0e-66119aeb3d7b",
|
||||
"created_by_ref": "identity--be50a8f9-f947-44d5-8e14-c6ebb7849ad2",
|
||||
"created": "2022-07-02T04:22:03.139675Z",
|
||||
"modified": "2022-07-02T04:22:03.139675Z",
|
||||
"name": "Report Non-Violative Opposing Content",
|
||||
"description": "Reporting opposing content refers to notifying and providing an instance of a violation of a platform\u2019s guidelines and policies for conduct on the platform. In addition to simply reporting the content, an operation may leverage copyright regulations to trick social media and web platforms into removing opposing content by manipulating the content to appear in violation of copyright laws. Reporting opposing content facilitates the suppression of contradictory information and allows operation narratives to take priority in the information space. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-online-harms"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0124.001.md",
|
||||
"external_id": "T0124.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--5211c49d-112d-4121-bb1e-9e8c3914935a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--30689219-3c7b-4fce-b623-87a26658b034",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--07cdf656-71ef-44ee-b307-1a66439a2870",
|
||||
"created_by_ref": "identity--c6997c26-67e6-426d-aefa-8646e8c9d00f",
|
||||
"created": "2022-07-02T04:22:03.129467Z",
|
||||
"modified": "2022-07-02T04:22:03.129467Z",
|
||||
"name": "Audio sharing",
|
||||
"description": "Examples include podcasting apps, Soundcloud, etc.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0105.003.md",
|
||||
"external_id": "T0105.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--6f5ca75f-347a-429e-8d04-01822e52277d"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--1b29cd83-49a3-4633-aed3-215cd45ebb9d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--08148393-fc91-438a-95c6-c67caafd3f66",
|
||||
"created_by_ref": "identity--437d5bfb-26b4-4574-a665-5bfb482aea0d",
|
||||
"created": "2022-07-02T04:22:03.124593Z",
|
||||
"modified": "2022-07-02T04:22:03.124593Z",
|
||||
"name": "Use existing Echo Chambers/Filter Bubbles",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "microtarget"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0102.001.md",
|
||||
"external_id": "T0102.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--66247d10-aeed-4da1-b681-7367f7501519"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--e11b93a2-c912-4792-9f78-537c8c538fb6",
|
||||
"id": "bundle--933f1c9a-1932-42a0-8f0d-21732223e5d2",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--6ea72015-dbca-45cb-be1f-4696804c2044",
|
||||
"created_by_ref": "identity--6c7aeb26-5de2-4cbd-b374-058bf0ff9cf3",
|
||||
"created": "2022-07-01T17:31:14.97189Z",
|
||||
"modified": "2022-07-01T17:31:14.97189Z",
|
||||
"id": "attack-pattern--08a11627-de00-4ac2-b6ee-b11ad36b309b",
|
||||
"created_by_ref": "identity--46b061de-34b2-4987-a18c-9e2e14a946c5",
|
||||
"created": "2022-07-02T04:22:03.095308Z",
|
||||
"modified": "2022-07-02T04:22:03.095308Z",
|
||||
"name": "Post Content",
|
||||
"description": "TA09",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--f426039e-efb6-4b73-a721-87c61ad63e38"
|
||||
"marking-definition--b335337d-178c-4d43-acc1-263ed50feb4c"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fa97dce7-af7f-4e15-b277-1db49420e1dc",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--08d5a3b5-6a73-4994-8124-f918b0a24652",
|
||||
"created_by_ref": "identity--2461e501-b6a8-4476-b30a-943fd5c52682",
|
||||
"created": "2022-07-02T04:22:03.151159Z",
|
||||
"modified": "2022-07-02T04:22:03.151159Z",
|
||||
"name": "View Focused",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "assess-effectiveness"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0132.003.md",
|
||||
"external_id": "T0132.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--02f1c0de-dd3e-47b5-8651-0d33b8e3ee0d"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--17055fa4-628d-4768-a680-5f609e8e5e99",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--092de9b1-422f-4359-a11a-5910713c78ae",
|
||||
"created_by_ref": "identity--98a1ed58-fe31-4e4e-b134-4b08416b2262",
|
||||
"created": "2022-07-02T04:22:03.141619Z",
|
||||
"modified": "2022-07-02T04:22:03.141619Z",
|
||||
"name": "Conduct Symbolic Action",
|
||||
"description": "Symbolic action refers to activities specifically intended to advance an operation\u2019s narrative by signaling something to the audience, for example, a military parade supporting a state\u2019s narrative of military superiority. An influence operation may use symbolic action to create falsified evidence supporting operation narratives in the physical information space. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-offline-activity"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0057.002.md",
|
||||
"external_id": "T0057.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--8d6cfbf8-6eb3-4a92-b640-dc53c04d1611"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fed6ca4b-dad8-4f41-b4b8-eec8e808a35a",
|
||||
"id": "bundle--e33b4ddd-62d0-46bb-941d-b9c027994b8b",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--e0f1572c-6276-474a-9ad5-ea09293dcbb7",
|
||||
"created_by_ref": "identity--59e7043a-7790-4c09-83e7-4734480a942f",
|
||||
"created": "2022-07-01T17:31:14.958854Z",
|
||||
"modified": "2022-07-01T17:31:14.958854Z",
|
||||
"id": "attack-pattern--0a2d5ebd-0296-45e3-9575-a14b2a1e9dc8",
|
||||
"created_by_ref": "identity--9c8de478-97d2-4c9d-88b0-5b6e5313f851",
|
||||
"created": "2022-07-02T04:22:03.085981Z",
|
||||
"modified": "2022-07-02T04:22:03.085981Z",
|
||||
"name": "Develop Video-based Content",
|
||||
"description": "TA06",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--633ef314-e9fa-48a1-a7d2-49370a5f836a"
|
||||
"marking-definition--abca5f1b-b4e3-4317-bc5c-34cbc80e9538"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--ef30d2f5-bffe-4577-9c92-8396607dd026",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0ac0d78a-4949-4687-a7bd-0008178680cd",
|
||||
"created_by_ref": "identity--f4fa225a-6169-4d38-8476-9dc249aeca76",
|
||||
"created": "2022-07-02T04:22:03.138087Z",
|
||||
"modified": "2022-07-02T04:22:03.138087Z",
|
||||
"name": "Dox",
|
||||
"description": "Doxing refers to online harassment in which individuals publicly release private information about another individual, including names, addresses, employment information, pictures, family members, and other sensitive information. An influence operation may dox its opposition to encourage individuals aligned with operation narratives to harass the doxed individuals themselves or otherwise discourage the doxed individuals from posting or proliferating conflicting content. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-online-harms"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0048.004.md",
|
||||
"external_id": "T0048.004"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--6ab22ce0-cafc-46f5-b607-b19b5ce8a129"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--0ad60b5e-f2b2-48aa-b7df-ce4b9b283f17",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0b5f4f5c-7a93-458b-9ed5-a441ab539b33",
|
||||
"created_by_ref": "identity--be72c048-88ce-441d-b668-6d0f143cefc4",
|
||||
"created": "2022-07-02T04:22:03.149928Z",
|
||||
"modified": "2022-07-02T04:22:03.149928Z",
|
||||
"name": "Post Borderline Content",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0131.002.md",
|
||||
"external_id": "T0131.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--69039388-8ab9-45e3-8ce4-c30291fd8faf"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--bc7ae2c6-02b0-4d2a-ac6e-ced09adf879d",
|
||||
"id": "bundle--e8472b1c-36fc-42e7-aee8-b30f9c8e9e58",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--b6b83eac-df2f-4a4a-a365-e3affbe2838a",
|
||||
"created_by_ref": "identity--5d94075d-aed1-418b-bab1-c54fad2eb3cd",
|
||||
"created": "2022-07-01T17:31:14.951093Z",
|
||||
"modified": "2022-07-01T17:31:14.951093Z",
|
||||
"id": "attack-pattern--0c2361a2-11a9-4aad-ab3a-a258e4e0ce85",
|
||||
"created_by_ref": "identity--bb013d68-f517-43ff-befa-514e3fca120c",
|
||||
"created": "2022-07-02T04:22:03.080523Z",
|
||||
"modified": "2022-07-02T04:22:03.080523Z",
|
||||
"name": "Degrade Adversary",
|
||||
"description": "TA02",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--b4718ba0-41ba-4923-962e-10426c474c17"
|
||||
"marking-definition--b83349c1-fa4d-454e-90f1-a0fc1f36d6b7"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--df6c406c-2f4c-4860-9292-2de500a45afd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0c63bf4d-fa02-4b40-8683-2a0994e3895e",
|
||||
"created_by_ref": "identity--c069cbb5-940d-487b-a145-5b1c124a2104",
|
||||
"created": "2022-07-02T04:22:03.122694Z",
|
||||
"modified": "2022-07-02T04:22:03.122694Z",
|
||||
"name": "Leverage Existing Inauthentic News Sites",
|
||||
"description": "An influence operation may prepare assets impersonating legitimate entities to further conceal its network identity and add a layer of legitimacy to its operation content. Users will more likely believe and less likely fact-check news from recognizable sources rather than unknown sites. Legitimate entities may include authentic news outlets, public figures, organizations, or state entities. \nAn influence operation may use a wide variety of cyber techniques to impersonate a legitimate entity\u2019s website or social media account. Typosquatting87 is the international registration of a domain name with purposeful variations of the impersonated domain name through intentional typos, top-level domain (TLD) manipulation, or punycode. Typosquatting facilitates the creation of falsified websites by creating similar domain names in the URL box, leaving it to the user to confirm that the URL is correct. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0098.002.md",
|
||||
"external_id": "T0098.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--cb63418c-7066-4b07-8733-094849c1e160"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--48ab23ea-ae12-4b96-9d07-40623e1ffd9b",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0d3726bc-bf0e-4357-b2b3-96b41aa856a3",
|
||||
"created_by_ref": "identity--ff63eba0-3e4a-4b47-a402-3caaea15c330",
|
||||
"created": "2022-07-02T04:22:03.123012Z",
|
||||
"modified": "2022-07-02T04:22:03.123012Z",
|
||||
"name": "Astroturfing",
|
||||
"description": "Astroturfing occurs when an influence operation disguises itself as grassroots movement or organization that supports operation narratives. Unlike butterfly attacks, astroturfing aims to increase the appearance of popular support for the operation cause and does not infiltrate existing groups to discredit their objectives. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0099.001.md",
|
||||
"external_id": "T0099.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--dc890fe2-240a-4bac-8bce-566a3eac16be"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--8cf627d4-3a60-4ee9-a868-942162d2485d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0d705267-24bc-49d0-9cb8-db20ef0e4312",
|
||||
"created_by_ref": "identity--20aa7572-2e93-461d-850d-b32ececde944",
|
||||
"created": "2022-07-02T04:22:03.107865Z",
|
||||
"modified": "2022-07-02T04:22:03.107865Z",
|
||||
"name": "Political Segmentation",
|
||||
"description": "An influence operation may target populations based on their political affiliations, especially when aiming to manipulate voting or change policy.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0072.005.md",
|
||||
"external_id": "T0072.005"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--9aa856d8-de84-4e6b-b348-1e5d8f5726e7"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--1190eb15-a687-4017-90de-4a022b6925eb",
|
||||
"id": "bundle--34acadc1-2ed7-4cd5-9217-961a0dedcb94",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--78c1784e-2fb8-46c8-bc60-cda1a6c0a545",
|
||||
"created_by_ref": "identity--0834574d-6550-405b-afa3-7779cb4197c0",
|
||||
"created": "2022-07-01T17:31:14.953369Z",
|
||||
"modified": "2022-07-01T17:31:14.953369Z",
|
||||
"id": "attack-pattern--0e463661-3676-4344-82a7-f5358aeae31d",
|
||||
"created_by_ref": "identity--3a2b5b1b-b29c-41ec-b262-125a61465224",
|
||||
"created": "2022-07-02T04:22:03.082142Z",
|
||||
"modified": "2022-07-02T04:22:03.082142Z",
|
||||
"name": "Dismiss",
|
||||
"description": "TA02",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--86650865-24d6-436d-95c7-d0574d4c1a43"
|
||||
"marking-definition--df5096ac-d0f1-4f54-9781-79f405df9bf8"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--cc97565a-16d7-448c-8a93-dd4dfbf44643",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0f4c0dce-c14e-4f9c-999e-6a9654f074f0",
|
||||
"created_by_ref": "identity--ecb6c677-bbae-4fb2-b41e-105023a06352",
|
||||
"created": "2022-07-02T04:22:03.128201Z",
|
||||
"modified": "2022-07-02T04:22:03.128201Z",
|
||||
"name": "Use hashtags",
|
||||
"description": "Use a dedicated, existing hashtag for the campaign/incident.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0104.005.md",
|
||||
"external_id": "T0104.005"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--93130825-a391-4641-9628-9d9d345640b2"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--b4f128f6-ad9b-40e3-821f-143c587681d7",
|
||||
"id": "bundle--fa18b3f9-373f-45f6-bad2-1a998023080a",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--8d06d3f2-a34e-4e39-bbd7-a0435ec73b0f",
|
||||
"created_by_ref": "identity--12361440-06ad-44a6-b575-34e36c10b05c",
|
||||
"created": "2022-07-01T17:31:14.942318Z",
|
||||
"modified": "2022-07-01T17:31:14.942318Z",
|
||||
"id": "attack-pattern--0ff2ef87-d70c-49f3-972a-16108fbfdb82",
|
||||
"created_by_ref": "identity--4b533ae4-3c34-4ccc-8a29-db42dd7be09e",
|
||||
"created": "2022-07-02T04:22:03.074377Z",
|
||||
"modified": "2022-07-02T04:22:03.074377Z",
|
||||
"name": "Trial content",
|
||||
"description": "TA08",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--45520f55-9ac2-488b-9a40-28f6395ec8b1"
|
||||
"marking-definition--64269a16-723b-405c-b048-a9e040d96eba"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--bbea67b4-3f12-4e6c-8f9e-5f176b3bebdd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1118e422-bcff-403f-9e8b-e5934b16d432",
|
||||
"created_by_ref": "identity--4de17c2a-872b-4b49-bedd-4edaa92b0ffb",
|
||||
"created": "2022-07-02T04:22:03.130435Z",
|
||||
"modified": "2022-07-02T04:22:03.130435Z",
|
||||
"name": "Newspaper",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0111.002.md",
|
||||
"external_id": "T0111.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--ee2e77f1-43fa-4886-baa8-9d0e83ebbe86"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--9217bbe9-0c22-4946-87af-dc1ea54e748b",
|
||||
"id": "bundle--25398708-bc32-4a59-b8ce-6f7467e585a0",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--b74c4ea7-a51b-4738-90f3-3daf8c4e4f6a",
|
||||
"created_by_ref": "identity--2cecb1f4-0253-4adc-8097-aa51b07681ff",
|
||||
"created": "2022-07-01T17:31:14.958396Z",
|
||||
"modified": "2022-07-01T17:31:14.958396Z",
|
||||
"id": "attack-pattern--134fb9f0-ca77-4e1f-af85-2a7b49382224",
|
||||
"created_by_ref": "identity--daf39689-4e5c-4591-8322-211f133d7944",
|
||||
"created": "2022-07-02T04:22:03.085667Z",
|
||||
"modified": "2022-07-02T04:22:03.085667Z",
|
||||
"name": "Develop Image-based Content",
|
||||
"description": "TA06",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--69102417-8fe9-4768-af2f-b79a003c84a4"
|
||||
"marking-definition--26b1768d-df1e-4c22-882e-2f5734b270aa"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--c12ec9c9-66a6-4587-bdea-19589095e4ea",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--15e37fa3-0927-4cda-a91b-b2fcf1de0e2a",
|
||||
"created_by_ref": "identity--776c20f1-07f5-4a99-a802-b8ba5dac7cd1",
|
||||
"created": "2022-07-02T04:22:03.134269Z",
|
||||
"modified": "2022-07-02T04:22:03.134269Z",
|
||||
"name": "Conduct Swarming",
|
||||
"description": "Swarming refers to the coordinated use of accounts to overwhelm the information space with operation content. Unlike information flooding, swarming centers exclusively around a specific event or actor rather than a general narrative. Swarming relies on \u201chorizontal communication\u201d between information assets rather than a top-down, vertical command-and-control approach. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "maximize-exposure"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0049.005.md",
|
||||
"external_id": "T0049.005"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--8ff428d8-fa13-4d36-ac32-a89aa0e17273"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--713a987a-0ef1-401c-b414-3cc772bd84b7",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--161aa4a2-a59f-4d55-90b5-cb117b99a9e7",
|
||||
"created_by_ref": "identity--1013b66b-4ed9-4546-b259-1042a0a728a8",
|
||||
"created": "2022-07-02T04:22:03.148334Z",
|
||||
"modified": "2022-07-02T04:22:03.148334Z",
|
||||
"name": "Utilize Bulletproof Hosting",
|
||||
"description": "Hosting refers to services through which storage and computing resources are provided to an individual or organization for the accommodation and maintenance of one or more websites and related services. Services may include web hosting, file sharing, and email distribution. Bulletproof hosting refers to services provided by an entity, such as a domain hosting or web hosting firm, that allows its customer considerable leniency in use of the service. An influence operation may utilize bulletproof hosting to maintain continuity of service for suspicious, illegal, or disruptive operation activities that stricter hosting services would limit, report, or suspend. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0130.002.md",
|
||||
"external_id": "T0130.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c7f71c91-9cb4-4fe7-8ea9-4f389026de49"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--e85f3252-38a5-411b-89e6-aae697764bbd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1665bd77-075a-40e0-b344-76382fa64dc2",
|
||||
"created_by_ref": "identity--320f2010-7f08-40ce-9681-b6bff1eb6016",
|
||||
"created": "2022-07-02T04:22:03.110416Z",
|
||||
"modified": "2022-07-02T04:22:03.110416Z",
|
||||
"name": "Develop False or Altered Documents",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0085.002.md",
|
||||
"external_id": "T0085.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--44c4223b-a542-4444-b697-76c5c0fc24b9"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--6e92b4de-538c-4693-bf93-6eef6ef89a7f",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--17ae8352-79ab-4160-b192-cd70463fdba0",
|
||||
"created_by_ref": "identity--4f14919c-6b5b-4c17-a196-d221bbe9c5fb",
|
||||
"created": "2022-07-02T04:22:03.123637Z",
|
||||
"modified": "2022-07-02T04:22:03.123637Z",
|
||||
"name": "Co-Opt Trusted Individuals",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0100.001.md",
|
||||
"external_id": "T0100.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--15123be0-5444-4596-837d-2a145f419356"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--71280fb0-bb10-465a-8d6f-9756532db6f0",
|
||||
"id": "bundle--ba2d0fed-5f6d-48b0-999f-166cb247033e",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--f9dd7b55-82d4-4259-818f-a2dc30832813",
|
||||
"created_by_ref": "identity--11d9b11c-5f54-4592-8572-95adfe5376d2",
|
||||
"created": "2022-07-01T17:31:14.966249Z",
|
||||
"modified": "2022-07-01T17:31:14.966249Z",
|
||||
"id": "attack-pattern--187e3391-9355-412c-94bd-3aa951359917",
|
||||
"created_by_ref": "identity--f78a2e25-3eb2-4bfe-9004-25f538766eca",
|
||||
"created": "2022-07-02T04:22:03.09143Z",
|
||||
"modified": "2022-07-02T04:22:03.09143Z",
|
||||
"name": "Livestream",
|
||||
"description": "TA07",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--63da3709-7951-4335-a54e-cf3a20e5f46f"
|
||||
"marking-definition--8e0217a7-cf78-4582-be4d-e0e0849b7061"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--28eaf5ec-f92c-4264-8c6e-7a5008feca09",
|
||||
"id": "bundle--c462fbd1-20a6-459a-b27e-76994b09c797",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--6f7001ca-244b-436e-910a-dca164b10211",
|
||||
"created_by_ref": "identity--460bcd71-be88-4f1c-ad27-b2cd8602363e",
|
||||
"created": "2022-07-01T17:31:14.943705Z",
|
||||
"modified": "2022-07-01T17:31:14.943705Z",
|
||||
"id": "attack-pattern--1944a6a4-0101-4c95-bd6d-1d8b674a712f",
|
||||
"created_by_ref": "identity--2ce1558c-41e6-4805-b4d8-19824d5d876b",
|
||||
"created": "2022-07-02T04:22:03.075336Z",
|
||||
"modified": "2022-07-02T04:22:03.075336Z",
|
||||
"name": "Online polls",
|
||||
"description": "TA07",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--1e4b11cf-8d5c-44ea-9e6f-d6f3798f004c"
|
||||
"marking-definition--bc185ad5-3887-4955-bda7-998d5442b6c1"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--6218f10a-9c78-4ef6-84fe-1dc521118eac",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--197d83f1-5d84-407d-9867-0c369fff8209",
|
||||
"created_by_ref": "identity--bf19cf8a-3634-4a53-ac80-4ee6c1014deb",
|
||||
"created": "2022-07-02T04:22:03.139046Z",
|
||||
"modified": "2022-07-02T04:22:03.139046Z",
|
||||
"name": "Destroy Information Generation Capabilities",
|
||||
"description": "Destroying information generation capabilities refers to actions taken to limit, degrade, or otherwise incapacitate an actor\u2019s ability to generate conflicting information. An influence operation may destroy an actor\u2019s information generation capabilities by physically dismantling the information infrastructure, disconnecting resources needed for information generation, or redirecting information generation personnel. An operation may destroy an adversary\u2019s information generation capabilities to limit conflicting content exposure to the target audience and crowd the information space with its own narratives. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-online-harms"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0123.003.md",
|
||||
"external_id": "T0123.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--4b33bd1e-c2a6-45c3-9eb7-cf6557197dbb"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fd58963e-036f-4631-a64a-da3e8a83119c",
|
||||
"id": "bundle--d33d1983-ec2e-491a-8a92-8a776c4c7cad",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--cd5c8d2c-5eef-4d24-bdbd-5bd5d8c50fad",
|
||||
"created_by_ref": "identity--fcc1f919-43ee-4c6a-bf17-f919d5497443",
|
||||
"created": "2022-07-01T17:31:14.954282Z",
|
||||
"modified": "2022-07-01T17:31:14.954282Z",
|
||||
"id": "attack-pattern--1a11d543-72b6-4dbb-b43d-fb074f0f4cea",
|
||||
"created_by_ref": "identity--47060639-328a-4575-8b0d-4fdb1509db99",
|
||||
"created": "2022-07-02T04:22:03.082795Z",
|
||||
"modified": "2022-07-02T04:22:03.082795Z",
|
||||
"name": "Distract",
|
||||
"description": "TA02",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d1e05051-e028-4431-b520-826b84a5b2b4"
|
||||
"marking-definition--0e5e1495-8b8b-4049-ad11-e12bfafb28b1"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--58fae451-8950-4376-839f-60c328b018c0",
|
||||
"id": "bundle--1cace462-d771-4b0f-8ee6-92d9d87b91ee",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--6bcdda2b-3536-49b8-9415-592e9166a7fa",
|
||||
"created_by_ref": "identity--e7d4152b-211b-410a-98b8-3205bbe6a2e7",
|
||||
"created": "2022-07-01T17:31:14.965333Z",
|
||||
"modified": "2022-07-01T17:31:14.965333Z",
|
||||
"id": "attack-pattern--1aa64eda-9ca1-4bee-9d8e-03df564224be",
|
||||
"created_by_ref": "identity--c7d44c36-4d0d-4b23-8908-74b169e8b1e1",
|
||||
"created": "2022-07-02T04:22:03.090706Z",
|
||||
"modified": "2022-07-02T04:22:03.090706Z",
|
||||
"name": "Create Localized Content",
|
||||
"description": "TA05",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d89825ee-bfbe-4683-bdad-927ba92bb451"
|
||||
"marking-definition--d907d1c7-4986-40e2-90a3-f22ab0a818c0"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--0b257550-e900-461c-8c04-aab183d121d5",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1baa6985-10f2-4917-83d7-c005c2c6eb0c",
|
||||
"created_by_ref": "identity--ab73a551-6769-4a81-b62f-e69a89c20bd9",
|
||||
"created": "2022-07-02T04:22:03.122377Z",
|
||||
"modified": "2022-07-02T04:22:03.122377Z",
|
||||
"name": "Create Inauthentic News Sites",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0098.001.md",
|
||||
"external_id": "T0098.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c5753eb8-1685-4869-8fea-b5e350bbe86a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--52dc4e00-30f1-4c6a-a26f-79372cc9ffda",
|
||||
"id": "bundle--253a9c1c-e1f7-4ded-b1ad-d76cdfc88105",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--0d17c049-09cc-4535-8007-29f321317726",
|
||||
"created_by_ref": "identity--f867c0f8-c0a0-4bc1-bc72-3120ab02669a",
|
||||
"created": "2022-07-01T17:31:14.977845Z",
|
||||
"modified": "2022-07-01T17:31:14.977845Z",
|
||||
"id": "attack-pattern--1cb5bd52-aed3-4c59-a5ac-7fca75c22ae6",
|
||||
"created_by_ref": "identity--d0d9e3d3-fe83-49db-aa1e-711c791b66fe",
|
||||
"created": "2022-07-02T04:22:03.099517Z",
|
||||
"modified": "2022-07-02T04:22:03.099517Z",
|
||||
"name": "Conceal People",
|
||||
"description": "TA11",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c12ea9e7-a532-4433-a932-f4e61cf5e1af"
|
||||
"marking-definition--4cc5ae07-6466-44d3-804f-6b134e221ed0"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--1abb02dc-56a7-46a5-ad2d-ad5ed797cbe6",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1cc04493-e157-40b6-8173-9848d6b87e58",
|
||||
"created_by_ref": "identity--d9d1f747-25ae-408d-9d11-4ee40031fabc",
|
||||
"created": "2022-07-02T04:22:03.112648Z",
|
||||
"modified": "2022-07-02T04:22:03.112648Z",
|
||||
"name": "Deceptively Edit Video (Cheap fakes)",
|
||||
"description": "Cheap fakes utilize less sophisticated measures of altering an image, video, or audio for example, slowing, speeding, or cutting footage to create a false context surrounding an image or event.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0087.002.md",
|
||||
"external_id": "T0087.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--5c412a6e-7cf1-4d89-a409-74306cad315d"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--2987a2bc-96c8-4646-bf04-4ead60e9e0aa",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1cdd3983-14a0-4d1a-a65e-4a066047ba86",
|
||||
"created_by_ref": "identity--630f859f-d91b-442f-a9c0-0514b948c0ad",
|
||||
"created": "2022-07-02T04:22:03.152756Z",
|
||||
"modified": "2022-07-02T04:22:03.152756Z",
|
||||
"name": "Action/attitude",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "assess-effectiveness"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0133.005.md",
|
||||
"external_id": "T0133.005"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--3998fe1d-9e44-4bb5-a106-031dea8fbe54"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--65a56669-07bb-4308-8d79-5365cd790468",
|
||||
"id": "bundle--80dd5f27-4931-4230-9e57-4ab69a016cbf",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--3010fa9d-3c56-4d39-a14d-1896f5e09c43",
|
||||
"created_by_ref": "identity--6a4503eb-1db5-442a-9f08-006dd12aa5b4",
|
||||
"created": "2022-07-01T17:31:14.967157Z",
|
||||
"modified": "2022-07-01T17:31:14.967157Z",
|
||||
"id": "attack-pattern--1e3fe580-e721-43ae-b231-6a1ffa7c7427",
|
||||
"created_by_ref": "identity--06d6bbce-9166-4ecf-8033-76d96d6ae7f9",
|
||||
"created": "2022-07-02T04:22:03.092074Z",
|
||||
"modified": "2022-07-02T04:22:03.092074Z",
|
||||
"name": "Media Sharing Networks",
|
||||
"description": "TA07",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c1a3a62c-609f-4a7c-af88-3112ee0649ea"
|
||||
"marking-definition--ecb980c1-872e-4bef-989e-3a44e5b68c8f"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--2d5dba6a-7f95-492d-9a4d-817875b51e96",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1e917de4-6ee5-44e3-a3e8-1bdd5b20d38b",
|
||||
"created_by_ref": "identity--21744e1f-0f4f-40c0-9e22-09c3335cfb50",
|
||||
"created": "2022-07-02T04:22:03.140956Z",
|
||||
"modified": "2022-07-02T04:22:03.140956Z",
|
||||
"name": "Facilitate logistics or support for attendance",
|
||||
"description": "Facilitate logistics or support for travel, food, housing, etc.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-offline-activity"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0126.002.md",
|
||||
"external_id": "T0126.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--3b36cee1-a9b6-4614-9a79-3482bdc2fdb4"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--86217776-e69e-44ce-868b-b5665ca35a5c",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--1f7789b9-c923-4862-a21c-1bb797c9134e",
|
||||
"created_by_ref": "identity--865694d3-ec33-4438-bacf-afa112f28f10",
|
||||
"created": "2022-07-02T04:22:03.104625Z",
|
||||
"modified": "2022-07-02T04:22:03.104625Z",
|
||||
"name": "Identify Existing Prejudices",
|
||||
"description": "An influence operation may exploit existing racial, religious, demographic, or social prejudices to further polarize its target audience from the rest of the public.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0081.003.md",
|
||||
"external_id": "T0081.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--4e2ee680-ecec-454e-bce6-27b6cd7038ed"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d1723c74-1b85-4f8a-ba54-8f88e7a5a612",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2025e8cd-69d0-48df-b8f7-d945860a0034",
|
||||
"created_by_ref": "identity--a9f26548-18ad-408b-a602-5c6cb0d52008",
|
||||
"created": "2022-07-02T04:22:03.125907Z",
|
||||
"modified": "2022-07-02T04:22:03.125907Z",
|
||||
"name": "Use Unencrypted Chats Apps",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0043.002.md",
|
||||
"external_id": "T0043.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d5edaffd-54c8-407e-8df9-8d08328a4e8b"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--02760c1e-e063-47e3-ac4d-403afd511e84",
|
||||
"id": "bundle--89ab7823-8a37-4de5-894c-7614ac1e665d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--b2d3dc7b-77a0-4cea-9735-ae1c5412ecc8",
|
||||
"created_by_ref": "identity--e48b0521-67fe-498a-bef2-bef53f5f3b45",
|
||||
"created": "2022-07-01T17:31:14.97281Z",
|
||||
"modified": "2022-07-01T17:31:14.97281Z",
|
||||
"id": "attack-pattern--21ed5757-035d-42f8-86d0-97b83763afcc",
|
||||
"created_by_ref": "identity--d249479e-c10e-43d4-8749-4b80bb7ce9ce",
|
||||
"created": "2022-07-02T04:22:03.095971Z",
|
||||
"modified": "2022-07-02T04:22:03.095971Z",
|
||||
"name": "Attract Traditional Media",
|
||||
"description": "TA09",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--685228e4-ab0f-47c6-bcec-acce11521385"
|
||||
"marking-definition--47bb1ff0-2270-42cf-bf6d-7fb46b7000a4"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--e7873752-7f81-4862-bde3-2ed361db5b90",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--235693bd-a099-438a-9532-bcf2f7cf618d",
|
||||
"created_by_ref": "identity--aae35d3f-7f70-4faf-91eb-571d576b143c",
|
||||
"created": "2022-07-02T04:22:03.144827Z",
|
||||
"modified": "2022-07-02T04:22:03.144827Z",
|
||||
"name": "Conceal Network Identity",
|
||||
"description": "Concealing network identity aims to hide the existence an influence operation\u2019s network completely. Unlike concealing sponsorship, concealing network identity denies the existence of any sort of organization. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0129.001.md",
|
||||
"external_id": "T0129.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--8ca6d0a3-4ddc-4cfd-a021-09fc8948d721"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fdf6fc66-6e52-4444-9189-b5a6e2833c2d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--23706f91-ddc8-4978-b008-9a8996489615",
|
||||
"created_by_ref": "identity--4617f4f8-03e8-4bb4-8ced-5f39ee2c416e",
|
||||
"created": "2022-07-02T04:22:03.102706Z",
|
||||
"modified": "2022-07-02T04:22:03.102706Z",
|
||||
"name": "Evaluate Media Surveys",
|
||||
"description": "An influence operation may evaluate its own or third-party media surveys to determine what type of content appeals to its target audience. Media surveys may provide insight into an audience\u2019s political views, social class, general interests, or other indicators used to tailor operation messaging to its target audience.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0080.002.md",
|
||||
"external_id": "T0080.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c8b7af04-4fa2-4f43-b41e-b2c5258b7490"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--226fded6-bbef-499e-9143-0c70098ea685",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--23b4bcfc-7362-440f-97ca-1094ad0abc1e",
|
||||
"created_by_ref": "identity--909d618b-ed43-4566-a2ad-b744f772fca9",
|
||||
"created": "2022-07-02T04:22:03.109147Z",
|
||||
"modified": "2022-07-02T04:22:03.109147Z",
|
||||
"name": "Plagiarize Content",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0084.002.md",
|
||||
"external_id": "T0084.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--05037167-3060-45f9-af72-94d680be3593"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--31a09819-6349-4f52-b393-c79c457696e6",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--28674cbc-4d76-41f9-b764-6ded29ee44fd",
|
||||
"created_by_ref": "identity--f82c73a3-9e7f-4350-88a7-78382de7dbe0",
|
||||
"created": "2022-07-02T04:22:03.104941Z",
|
||||
"modified": "2022-07-02T04:22:03.104941Z",
|
||||
"name": "Identify Existing Fissures",
|
||||
"description": "An influence operation may identify existing fissures to pit target populations against one another or facilitate a \u201cdivide-and-conquer\" approach to tailor operation narratives along the divides.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0081.004.md",
|
||||
"external_id": "T0081.004"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--b1be49f6-94f3-493f-91cf-85cf1a39428a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--66db9060-2525-4380-8a3e-5dd720486a3d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--289c80c1-36af-4d61-b7f1-046161422e37",
|
||||
"created_by_ref": "identity--6bba4400-5505-422e-b988-ab6b04cb0bfe",
|
||||
"created": "2022-07-02T04:22:03.116529Z",
|
||||
"modified": "2022-07-02T04:22:03.116529Z",
|
||||
"name": "Create Bot Accounts",
|
||||
"description": "Bots refer to autonomous internet users that interact with systems or other users while imitating traditional human behavior. Bots use a variety of tools to stay active without direct human operation, including artificial intelligence and big data analytics. For example, an individual may program a Twitter bot to retweet a tweet every time it contains a certain keyword or hashtag. An influence operation may use bots to increase its exposure and artificially promote its content across the internet without dedicating additional time or human resources. \nAmplifier bots promote operation content through reposts, shares, and likes to increase the content\u2019s online popularity. Hacker bots are traditionally covert bots running on computer scripts that rarely engage with users and work primarily as agents of larger cyberattacks, such as a Distributed Denial of Service attacks. Spammer bots are programmed to post content on social media or in comment sections, usually as a supplementary tool. Impersonator bots102 pose as real people by mimicking human behavior, complicating their detection. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-social-assets"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0090.003.md",
|
||||
"external_id": "T0090.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--ed106a38-1213-4f41-9cd9-64bdbeaea56b"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--0d3eef4e-d3eb-4033-a373-be4b702ec076",
|
||||
"id": "bundle--9a124a8b-d39f-4a8e-85bb-516a2a0eeb13",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--9370c9a8-b470-482b-8125-c776468b9f20",
|
||||
"created_by_ref": "identity--4cb327fe-e517-4296-9d8e-b2f0792653f2",
|
||||
"created": "2022-07-01T17:31:14.957016Z",
|
||||
"modified": "2022-07-01T17:31:14.957016Z",
|
||||
"id": "attack-pattern--28c4447e-c922-4e62-b632-6f85c3befc22",
|
||||
"created_by_ref": "identity--7eaf5956-0ca5-4c46-a5cb-ccf3f6d1cfaa",
|
||||
"created": "2022-07-02T04:22:03.084704Z",
|
||||
"modified": "2022-07-02T04:22:03.084704Z",
|
||||
"name": "Integrate Target Audience Vulnerabilities into Narrative",
|
||||
"description": "TA14",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a86fbb95-d925-4d85-93bf-961924fe5893"
|
||||
"marking-definition--3f3ab8b8-d66b-4b73-9e0b-bd7c5bd81b9a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--e150ad83-f2ad-4e8c-a3d6-9bf60bf3b81a",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--29750664-9ed2-4c58-b10b-68ab1eb02dc6",
|
||||
"created_by_ref": "identity--38878c6f-1db3-4eae-bd7a-07b36bcc2f3c",
|
||||
"created": "2022-07-02T04:22:03.143879Z",
|
||||
"modified": "2022-07-02T04:22:03.143879Z",
|
||||
"name": "Distance Reputable Individuals from Operation",
|
||||
"description": "Distancing reputable individuals from the operation occurs when enlisted individuals, such as celebrities or subject matter experts, actively disengage themselves from operation activities and messaging. Individuals may distance themselves from the operation by deleting old posts or statements, unfollowing operation information assets, or otherwise detaching themselves from the operation\u2019s timeline. An influence operation may want reputable individuals to distance themselves from the operation to reduce operation exposure, particularly if the operation aims to remove all evidence.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0128.003.md",
|
||||
"external_id": "T0128.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--11441662-c80b-435d-bfb2-b925624fe053"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--5a05a6e7-8708-41a8-be75-2d064fd8a73c",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2a372db3-69c5-42bb-b257-c43684bede04",
|
||||
"created_by_ref": "identity--3826a366-a12c-4ab2-979b-0f2759cccabe",
|
||||
"created": "2022-07-02T04:22:03.136189Z",
|
||||
"modified": "2022-07-02T04:22:03.136189Z",
|
||||
"name": "Use Affiliate Marketing Programs",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "maximize-exposure"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0120.001.md",
|
||||
"external_id": "T0120.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--6d3ba371-d32d-4521-825a-0ea65e443523"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--f1d5bf3b-2a36-4b06-8d75-2433d0ff313d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2ac3960b-813b-4722-ba29-9e692d88341b",
|
||||
"created_by_ref": "identity--88f2a537-1478-489d-9cf1-6281cd09fe3a",
|
||||
"created": "2022-07-02T04:22:03.138733Z",
|
||||
"modified": "2022-07-02T04:22:03.138733Z",
|
||||
"name": "Block Content",
|
||||
"description": "Content blocking refers to actions taken to restrict internet access or render certain areas of the internet inaccessible. An influence operation may restrict content based on both network and content attributes. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-online-harms"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0123.002.md",
|
||||
"external_id": "T0123.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--16a459ec-0f6b-4501-8308-a1b5fb1c17f9"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--568ab9c9-2b80-4801-a462-cb838ee36378",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2b6bd718-4225-4bbe-9444-183f90644c74",
|
||||
"created_by_ref": "identity--e435d26e-0ecb-454b-9b09-17fd7ca15b75",
|
||||
"created": "2022-07-02T04:22:03.106213Z",
|
||||
"modified": "2022-07-02T04:22:03.106213Z",
|
||||
"name": "Identify Media System Vulnerabilities",
|
||||
"description": "An influence operation may exploit existing weaknesses in a target\u2019s media system. These weaknesses may include existing biases among media agencies, vulnerability to false news agencies on social media, or existing distrust of traditional media sources. An existing distrust among the public in the media system\u2019s credibility holds high potential for exploitation by an influence operation when establishing alternative news agencies to spread operation content. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0081.008.md",
|
||||
"external_id": "T0081.008"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--2a74fdc4-aa04-4969-bb12-3b04ba5f7989"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--1ef3faee-e87b-4def-b0cd-0a263bc82564",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2c2dea9d-8fac-4c78-aded-3ffc8b689f14",
|
||||
"created_by_ref": "identity--51fd2bb4-68fb-4f11-96fe-49ffd9017c3e",
|
||||
"created": "2022-07-02T04:22:03.107184Z",
|
||||
"modified": "2022-07-02T04:22:03.107184Z",
|
||||
"name": "Economic Segmentation",
|
||||
"description": "An influence operation may target populations based on their income bracket, wealth, or other financial or economic division. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0072.003.md",
|
||||
"external_id": "T0072.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--97cd5dd6-b9fc-4d7d-add3-f620418b5cc9"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--b628a316-9385-4167-8eea-8c51cf18ca9e",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2db4ca1d-31be-4012-899d-d15362afe682",
|
||||
"created_by_ref": "identity--0861ee99-12fe-462b-9743-4cb6532c3595",
|
||||
"created": "2022-07-02T04:22:03.124946Z",
|
||||
"modified": "2022-07-02T04:22:03.124946Z",
|
||||
"name": "Create Echo Chambers/Filter Bubbles",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "microtarget"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0102.002.md",
|
||||
"external_id": "T0102.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--5bec0b82-17ab-44a2-a539-2e37e0588d63"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--29a99d02-3dbd-4d49-a2db-57db19c801a5",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2dd166eb-2830-4440-8f7e-16ae78cbffce",
|
||||
"created_by_ref": "identity--bb91794f-6a67-4113-a342-317140133c51",
|
||||
"created": "2022-07-02T04:22:03.124276Z",
|
||||
"modified": "2022-07-02T04:22:03.124276Z",
|
||||
"name": "Co-opt Influencers",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0100.003.md",
|
||||
"external_id": "T0100.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a38b765b-cb0e-4740-a322-1d25f04e9a7a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--e271ede1-12e6-4e53-b85c-a0339e01fe38",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2eb2d8bf-774e-44dd-942b-11302d6defc2",
|
||||
"created_by_ref": "identity--048ac8e8-6785-4993-9eb7-8d80999da439",
|
||||
"created": "2022-07-02T04:22:03.1152Z",
|
||||
"modified": "2022-07-02T04:22:03.1152Z",
|
||||
"name": "Leak False Documents",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0089.002.md",
|
||||
"external_id": "T0089.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--032397fc-9948-420a-af54-11f30f1f7f76"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--f55fab24-7347-4022-b221-ad0d32fb9f36",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--2eb2f147-53d7-4fae-a711-13f0181630a0",
|
||||
"created_by_ref": "identity--e6865b40-628d-4ac3-bff8-87dfa6a01831",
|
||||
"created": "2022-07-02T04:22:03.1101Z",
|
||||
"modified": "2022-07-02T04:22:03.1101Z",
|
||||
"name": "Develop AI-Generated Text",
|
||||
"description": "AI-generated texts refers to synthetic text composed by computers using text-generating AI technology. Autonomous generation refers to content created by a bot without human input, also known as bot-created content generation. Autonomous generation represents the next step in automation after language generation and may lead to automated journalism. An influence operation may use read fakes or autonomous generation to quickly develop and distribute content to the target audience.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0085.001.md",
|
||||
"external_id": "T0085.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--567482ec-6057-4575-b352-7626f286ff2b"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--7d7902a5-c222-45e5-9d90-3fdabbbf3dac",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--33e1fede-238e-44d8-8a11-922687bb9e73",
|
||||
"created_by_ref": "identity--a662f918-cc53-4251-b33c-ddf17b2470de",
|
||||
"created": "2022-07-02T04:22:03.151809Z",
|
||||
"modified": "2022-07-02T04:22:03.151809Z",
|
||||
"name": "Content",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "assess-effectiveness"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0133.002.md",
|
||||
"external_id": "T0133.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--b85c8a28-f2b7-4a6a-b4cb-ce6c048c1aae"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--5b38dd46-7b13-42d9-8659-fa38af0df642",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--342d7f1b-2864-4daf-b3df-b25d0f9db021",
|
||||
"created_by_ref": "identity--a527dee3-824e-4e2b-8c19-53d888588b5d",
|
||||
"created": "2022-07-02T04:22:03.122044Z",
|
||||
"modified": "2022-07-02T04:22:03.122044Z",
|
||||
"name": "Backstop personas ",
|
||||
"description": "Create other assets/dossier/cover/fake relationships and/or connections or documents, sites, bylines, attributions, to establish/augment/inflate crediblity/believability",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-legitimacy"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0097.001.md",
|
||||
"external_id": "T0097.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--21d3146c-d134-47e3-8efd-e6008bfb3ca9"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--f36afc6e-7dcb-42e9-906a-fde1d2197271",
|
||||
"id": "bundle--e44d80fc-fd82-40af-852a-5f85810cd6dc",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--613595af-7667-4975-b7d4-936e83b719eb",
|
||||
"created_by_ref": "identity--1eed5b5c-1477-45fc-b170-6aa74f848d70",
|
||||
"created": "2022-07-01T17:31:14.95201Z",
|
||||
"modified": "2022-07-01T17:31:14.95201Z",
|
||||
"id": "attack-pattern--36291e89-6ea2-40d3-a50c-3908a5c0bc99",
|
||||
"created_by_ref": "identity--461e5e65-6430-4261-bf34-e1c7005aac64",
|
||||
"created": "2022-07-02T04:22:03.081167Z",
|
||||
"modified": "2022-07-02T04:22:03.081167Z",
|
||||
"name": "Segment Audiences",
|
||||
"description": "TA13",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--8468f1d0-0a62-49ca-a117-69578133c28c"
|
||||
"marking-definition--e05f4c1b-05a0-4c94-9d8a-360ff3187774"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--49e526c9-d84b-4cd1-916f-c5928fdf8d81",
|
||||
"id": "bundle--d51e9bb6-fab8-4369-ae86-842621d03201",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--c7f36ee6-b708-4c61-9ce8-bd461716bf9b",
|
||||
"created_by_ref": "identity--49769b3e-34b7-48e7-91fe-b111180641c3",
|
||||
"created": "2022-07-01T17:31:14.954735Z",
|
||||
"modified": "2022-07-01T17:31:14.954735Z",
|
||||
"id": "attack-pattern--36a63293-15c7-4641-b676-7dc3818a48a9",
|
||||
"created_by_ref": "identity--bf099cbe-a53c-4e8d-a917-30e757cb5e59",
|
||||
"created": "2022-07-02T04:22:03.083111Z",
|
||||
"modified": "2022-07-02T04:22:03.083111Z",
|
||||
"name": "Dismay",
|
||||
"description": "TA02",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--52798030-d5af-4c74-959b-545d1de4a2fd"
|
||||
"marking-definition--3b3a7dc4-3a6c-4d1b-9223-cdf239b62306"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--46f94cba-7048-4959-a343-079c0bc66647",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--37cc79df-c35b-4702-9ebf-1db6f6878df3",
|
||||
"created_by_ref": "identity--ec0571bd-a615-4fec-bf8f-46d89505fdc4",
|
||||
"created": "2022-07-02T04:22:03.121082Z",
|
||||
"modified": "2022-07-02T04:22:03.121082Z",
|
||||
"name": "Create a Content Farm",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-social-assets"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0096.001.md",
|
||||
"external_id": "T0096.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--edc9e49f-bf53-4265-917c-be718b95e7f8"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--00f61f95-8a6e-4c62-889e-15d702d2bedd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--386a6daa-c8f0-4670-bba9-032268352689",
|
||||
"created_by_ref": "identity--1480f942-a431-436e-b271-62f6f3535a6d",
|
||||
"created": "2022-07-02T04:22:03.106864Z",
|
||||
"modified": "2022-07-02T04:22:03.106864Z",
|
||||
"name": "Demographic Segmentation",
|
||||
"description": "An influence operation may target populations based on demographic segmentation, including age, gender, and income. Demographic segmentation may be useful for influence operations aiming to change state policies that affect a specific population sector. For example, an influence operation attempting to influence Medicare funding in the United States would likely target U.S. voters over 65 years of age. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0072.002.md",
|
||||
"external_id": "T0072.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--5f49ef6e-0170-43b1-a860-f4f6de42a9ea"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--9941e34f-68ee-4899-bdee-514893eec5c9",
|
||||
"id": "bundle--f868ea8e-5a07-4f2b-8f4b-daa82a01a050",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--b33c0364-02e3-43c4-8cbd-f94fe47ca0d4",
|
||||
"created_by_ref": "identity--f78ec32c-d096-4aad-8a1b-be38aa979ba5",
|
||||
"created": "2022-07-01T17:31:14.946911Z",
|
||||
"modified": "2022-07-01T17:31:14.946911Z",
|
||||
"id": "attack-pattern--38ed6ccc-d02f-4b2b-82c1-1f004f0ab70a",
|
||||
"created_by_ref": "identity--e16fdbc6-d28f-4fb4-853f-1926b2239460",
|
||||
"created": "2022-07-02T04:22:03.077643Z",
|
||||
"modified": "2022-07-02T04:22:03.077643Z",
|
||||
"name": "Use Search Engine Optimization",
|
||||
"description": "TA08",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a01e98c3-b2af-493c-b355-8a0c76f801f2"
|
||||
"marking-definition--a9a61ae8-9683-485e-aa42-d2afbaabe597"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--aee9a605-e33c-4eac-a31f-d43b0e46f68e",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--38ef9ff3-506f-4ce3-9653-475a20961d1a",
|
||||
"created_by_ref": "identity--81be91a7-49ff-4930-9206-5cf038594821",
|
||||
"created": "2022-07-02T04:22:03.127228Z",
|
||||
"modified": "2022-07-02T04:22:03.127228Z",
|
||||
"name": "Dating Apps",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "select-channels-and-affordances"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0104.002.md",
|
||||
"external_id": "T0104.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--75a5ef95-4487-405f-bb19-d9b9391e4dfd"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--f9c79e0e-95b6-44d9-b226-4e7763dbe471",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--3942dc6a-1632-404a-ac65-e8c6b18a944b",
|
||||
"created_by_ref": "identity--5cfcaf48-cfd4-48ef-8f20-224be4f6b04e",
|
||||
"created": "2022-07-02T04:22:03.142594Z",
|
||||
"modified": "2022-07-02T04:22:03.142594Z",
|
||||
"name": "Encourage Physical Violence",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-offline-activity"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0127.002.md",
|
||||
"external_id": "T0127.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--cf763ecf-6930-4b34-8e34-e5a3fa489016"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--b0d507c9-1cc9-4366-a7d7-e4ca88fc2c7e",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--3b38d150-4130-419c-9f99-24367d2b0483",
|
||||
"created_by_ref": "identity--750a5055-5e07-43de-8ec0-0434758babab",
|
||||
"created": "2022-07-02T04:22:03.136508Z",
|
||||
"modified": "2022-07-02T04:22:03.136508Z",
|
||||
"name": "Use Contests and Prizes",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "maximize-exposure"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0120.002.md",
|
||||
"external_id": "T0120.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--61b25d73-7627-4990-b947-d80c371a1e95"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d8a1bd4c-31bb-428f-bfd1-a7ec7774c5b6",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--3c485cd2-5a88-4fe4-81f2-3c3ae12de6ae",
|
||||
"created_by_ref": "identity--da3dbbe7-fe6b-4c33-b191-31994dc43f5d",
|
||||
"created": "2022-07-02T04:22:03.1085Z",
|
||||
"modified": "2022-07-02T04:22:03.1085Z",
|
||||
"name": "Develop Original Conspiracy Theory Narratives",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-narratives"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0022.002.md",
|
||||
"external_id": "T0022.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--a78a19bb-f4d9-405b-806e-ab3feb97a228"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--41e09b74-31bd-4ed0-b98e-e9cde81670c8",
|
||||
"id": "bundle--c7f86136-7a91-4d47-8ed6-9cd49aab357f",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--689eb2d8-1862-421f-96b8-d8f6cfca6004",
|
||||
"created_by_ref": "identity--058f1ecc-1754-4a5c-ac18-e7e65782ee7f",
|
||||
"created": "2022-07-01T17:31:14.97739Z",
|
||||
"modified": "2022-07-01T17:31:14.97739Z",
|
||||
"id": "attack-pattern--3cbdc5fc-976d-4264-9b9f-3657f6d81121",
|
||||
"created_by_ref": "identity--bc58f435-38a0-43a8-872a-2d210fd9b889",
|
||||
"created": "2022-07-02T04:22:03.0992Z",
|
||||
"modified": "2022-07-02T04:22:03.0992Z",
|
||||
"name": "Physical Violence",
|
||||
"description": "TA10",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--95c0fef7-d88a-4aaf-b5eb-5a80e0675fd2"
|
||||
"marking-definition--ee0aa1ee-fbc9-4403-a81a-8221eb70c6ba"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--c4d3eb7e-18bc-45ae-9539-30cf999ee7f5",
|
||||
"id": "bundle--5f889896-1565-499d-ad53-6cf7eb20c31f",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--8755a134-eb42-4d36-9010-8739e4dab224",
|
||||
"created_by_ref": "identity--a3f4af4e-8380-4573-abbb-bb51a359c450",
|
||||
"created": "2022-07-01T17:31:14.949709Z",
|
||||
"modified": "2022-07-01T17:31:14.949709Z",
|
||||
"id": "attack-pattern--3d2940d4-9e8b-4bad-aab8-3ac52b65c2ce",
|
||||
"created_by_ref": "identity--c21779fb-809a-4561-8e69-d904f65ddc82",
|
||||
"created": "2022-07-02T04:22:03.079565Z",
|
||||
"modified": "2022-07-02T04:22:03.079565Z",
|
||||
"name": "Continue to Amplify",
|
||||
"description": "TA11",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--1f399ef7-7286-4f3d-9367-43382b6f1f17"
|
||||
"marking-definition--409c183e-7f53-4d8d-8bb4-7cfd49f07ff0"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--a0078d08-a5b2-44f7-9168-02492767c46f",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--3f7ef990-a068-4591-bb39-374ba03e488e",
|
||||
"created_by_ref": "identity--d7a9f0ab-41f5-4fa8-8e45-b1252a91fb6e",
|
||||
"created": "2022-07-02T04:22:03.116872Z",
|
||||
"modified": "2022-07-02T04:22:03.116872Z",
|
||||
"name": "Create Sockpuppet Accounts",
|
||||
"description": "Sockpuppet accounts refer to falsified accounts that either promote the influence operation\u2019s own material or attack critics of the material online. Individuals who control sockpuppet accounts also man at least one other user account.67 Sockpuppet accounts help legitimize operation narratives by providing an appearance of external support for the material and discrediting opponents of the operation. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-social-assets"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0090.004.md",
|
||||
"external_id": "T0090.004"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d0cf236d-6895-4ff5-9462-4a81418b78c0"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--ed8083e6-beea-4619-ba6b-131256ba3123",
|
||||
"id": "bundle--4c585738-4e73-4d3f-aba9-d20f5243069b",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--cf8b18ff-c6c1-4e9d-9258-b44ae0f7cf74",
|
||||
"created_by_ref": "identity--52c44003-19df-4e31-bade-521bfd3156b8",
|
||||
"created": "2022-07-01T17:31:14.978758Z",
|
||||
"modified": "2022-07-01T17:31:14.978758Z",
|
||||
"id": "attack-pattern--4063b46c-b959-4944-a569-37e88e497999",
|
||||
"created_by_ref": "identity--16ac4005-1f90-4338-b93b-902a87581c22",
|
||||
"created": "2022-07-02T04:22:03.100175Z",
|
||||
"modified": "2022-07-02T04:22:03.100175Z",
|
||||
"name": "Conceal Infrastructure",
|
||||
"description": "TA11",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--3c03cdfb-e657-4705-b9a0-114cd269511b"
|
||||
"marking-definition--5aa4547d-f973-40f5-adf1-dbcc4cd7600d"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--7d22d0ea-0047-4a39-9ec1-f632dcf158b8",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--407e28ba-d6d3-45eb-9c24-a7141b3e2155",
|
||||
"created_by_ref": "identity--9f6c49e4-e237-4e30-b643-d8d3a2ac89f1",
|
||||
"created": "2022-07-02T04:22:03.14865Z",
|
||||
"modified": "2022-07-02T04:22:03.14865Z",
|
||||
"name": "Use Shell Organizations",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0130.003.md",
|
||||
"external_id": "T0130.003"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--7e9edd4d-f64f-458c-8aab-a833859dc00e"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--9e3634b6-e95d-424a-8841-9e14dd7063e8",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--41c46ffe-b2fe-49ef-9b93-3b92bcdb8dcd",
|
||||
"created_by_ref": "identity--500f0990-9baf-4b31-b824-b014a6165a7b",
|
||||
"created": "2022-07-02T04:22:03.117581Z",
|
||||
"modified": "2022-07-02T04:22:03.117581Z",
|
||||
"name": "Recruit Partisans",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "establish-social-assets"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0091.002.md",
|
||||
"external_id": "T0091.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--b6be45fc-aba1-4087-a9f9-8d20be5c950a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--5f21505b-ddb6-406d-8266-9f311466ca2a",
|
||||
"id": "bundle--f04e8884-a39c-4fb9-8133-fe6ab4e0447b",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--da407a26-811d-48ae-b594-e3b71ad0679c",
|
||||
"created_by_ref": "identity--261b28e9-691b-42aa-9857-7cc963841711",
|
||||
"created": "2022-07-01T17:31:14.948784Z",
|
||||
"modified": "2022-07-01T17:31:14.948784Z",
|
||||
"id": "attack-pattern--41e751ac-d098-48a5-b9a6-2f671ff9c035",
|
||||
"created_by_ref": "identity--69b8c806-3de4-4b21-9abd-00817341f626",
|
||||
"created": "2022-07-02T04:22:03.078926Z",
|
||||
"modified": "2022-07-02T04:22:03.078926Z",
|
||||
"name": "Organize Events",
|
||||
"description": "TA10",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--3b63acbf-d66d-4026-a4fe-819b89ebf37b"
|
||||
"marking-definition--c1c812a2-5c51-49e6-b920-4da49282862a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d63968e3-e164-4712-8856-76548d885d20",
|
||||
"id": "bundle--5b19110f-0cb9-4a71-9060-4f9473eedcda",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--7314dd7a-9b01-41fb-9f5b-58818fc6fa2e",
|
||||
"created_by_ref": "identity--512391d4-fc49-4b7e-a60e-87607d188820",
|
||||
"created": "2022-07-01T17:31:14.938962Z",
|
||||
"modified": "2022-07-01T17:31:14.938962Z",
|
||||
"id": "attack-pattern--42d2e081-acd9-4d7b-8f16-9e46a9d9a1ad",
|
||||
"created_by_ref": "identity--a9f223e2-c47e-415f-b66d-703b21539125",
|
||||
"created": "2022-07-02T04:22:03.072086Z",
|
||||
"modified": "2022-07-02T04:22:03.072086Z",
|
||||
"name": "Create inauthentic websites",
|
||||
"description": "TA15",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--2244209c-7c6b-4f27-b714-2e6d618ee9de"
|
||||
"marking-definition--d47916c5-6f70-4705-99db-9f1bafbc9f08"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d21a40bb-0b36-44a9-9460-12a4dfc00bac",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--44b60b3c-afea-40c5-8faa-afd31269e6da",
|
||||
"created_by_ref": "identity--e172348d-34a8-40cc-9021-8d4ca61cd324",
|
||||
"created": "2022-07-02T04:22:03.135547Z",
|
||||
"modified": "2022-07-02T04:22:03.135547Z",
|
||||
"name": "Post Across Platform",
|
||||
"description": "nan",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "maximize-exposure"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0119.002.md",
|
||||
"external_id": "T0119.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--cab23df0-ef15-4651-b45e-d33a729f692c"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--c45ee792-7da0-4b18-8f61-0227431b520d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4699fa91-706b-4a8b-b253-fbbcf05f44c9",
|
||||
"created_by_ref": "identity--bc415869-0cc0-47ef-9354-eb85469ffe10",
|
||||
"created": "2022-07-02T04:22:03.103346Z",
|
||||
"modified": "2022-07-02T04:22:03.103346Z",
|
||||
"name": "Conduct Web Traffic Analysis",
|
||||
"description": "An influence operation may conduct web traffic analysis to determine which search engines, keywords, websites, and advertisements gain the most traction with its target audience.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "target-audience-analysis"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0080.004.md",
|
||||
"external_id": "T0080.004"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d15b9bec-1b95-49cc-919b-118748be8bc9"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--8b517eaf-33f2-4301-a3a5-393f43e80543",
|
||||
"id": "bundle--d54e25bf-2b86-413b-9796-da5a9f02b948",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--e36e2cb6-797a-4859-b40c-214065331ca9",
|
||||
"created_by_ref": "identity--7c43dcf4-9445-4464-9cff-55b6d341cdc7",
|
||||
"created": "2022-07-01T17:31:14.970415Z",
|
||||
"modified": "2022-07-01T17:31:14.970415Z",
|
||||
"id": "attack-pattern--46edb68e-0257-4bbc-8666-3ddb6260462a",
|
||||
"created_by_ref": "identity--9cd87489-b096-4f17-9f92-fabd41080497",
|
||||
"created": "2022-07-02T04:22:03.09435Z",
|
||||
"modified": "2022-07-02T04:22:03.09435Z",
|
||||
"name": "Email",
|
||||
"description": "TA07",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--7c9af100-8d68-4ae2-a4d3-6e274a259cfa"
|
||||
"marking-definition--0b295746-495c-4d97-a8db-0c5977789060"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--80390180-59e5-4fd2-9c4c-1112c040301e",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4787da40-8dc0-4a00-97a8-421e299b34bd",
|
||||
"created_by_ref": "identity--c9d3ac87-ca0e-4703-b581-793934ff6cd1",
|
||||
"created": "2022-07-02T04:22:03.143552Z",
|
||||
"modified": "2022-07-02T04:22:03.143552Z",
|
||||
"name": "Conceal Network Identity",
|
||||
"description": "Concealing network identity aims to hide the existence an influence operation\u2019s network completely. Unlike concealing sponsorship, concealing network identity denies the existence of any sort of organization. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0128.002.md",
|
||||
"external_id": "T0128.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--565c628f-7851-4055-948a-df0d594a08bc"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--9325eb19-77a1-4502-b125-44ab475e93ac",
|
||||
"id": "bundle--2dc6d750-7e25-4f4f-8e24-93a2519e0748",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--92a7837e-723e-408f-8c67-96d6c618f1b1",
|
||||
"created_by_ref": "identity--e7a72b6f-7699-429d-9561-86d84cadc0f2",
|
||||
"created": "2022-07-01T17:31:14.979667Z",
|
||||
"modified": "2022-07-01T17:31:14.979667Z",
|
||||
"id": "attack-pattern--48d17a8e-898e-45fe-9d05-3f264445c63c",
|
||||
"created_by_ref": "identity--02ffcb17-e281-4840-acaf-8c8433210309",
|
||||
"created": "2022-07-02T04:22:03.100815Z",
|
||||
"modified": "2022-07-02T04:22:03.100815Z",
|
||||
"name": "Measure Performance",
|
||||
"description": "TA12",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--965d184e-c018-4188-ac1a-cd3c288112e7"
|
||||
"marking-definition--22ede23b-e9f5-4088-a50a-bb14fd1a06ec"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--5cfa8634-d1da-46a5-b0f1-c4064aca6305",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--48eedefd-139c-40f7-aa22-ba1cb4309929",
|
||||
"created_by_ref": "identity--215ae8be-cd5c-423e-8544-77754395d4a9",
|
||||
"created": "2022-07-02T04:22:03.144511Z",
|
||||
"modified": "2022-07-02T04:22:03.144511Z",
|
||||
"name": "Change Names of Accounts",
|
||||
"description": "Changing names of accounts occurs when an operation changes the name of an existing social media account. An operation may change the names of its accounts throughout an operation to avoid detection or alter the names of newly acquired or repurposed accounts to fit operational narratives. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "persist-in-the-information-environment"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0128.005.md",
|
||||
"external_id": "T0128.005"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--341d5c91-8a26-4003-b588-db1cc4290d08"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d70ea7cd-8452-4c48-b037-171a7da031a2",
|
||||
"id": "bundle--d75ecf57-6a54-4c2f-b607-a62338726733",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--aa293cf3-593d-49b0-8ebc-c8d83226aa88",
|
||||
"created_by_ref": "identity--a69d76d1-4351-4ec1-85a8-3910528ecbc8",
|
||||
"created": "2022-07-01T17:31:14.941851Z",
|
||||
"modified": "2022-07-01T17:31:14.941851Z",
|
||||
"id": "attack-pattern--4b08d625-9526-4617-bfb1-fb169298ee81",
|
||||
"created_by_ref": "identity--95d9a68a-7a96-4c0b-936c-0c77a4f8257f",
|
||||
"created": "2022-07-02T04:22:03.074036Z",
|
||||
"modified": "2022-07-02T04:22:03.074036Z",
|
||||
"name": "Generate information pollution",
|
||||
"description": "TA06",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--65461393-7f2d-4000-b230-55cdb6275c19"
|
||||
"marking-definition--352c3cca-1077-4df3-b7d9-a9617913e5ce"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--caa8edd7-469e-488b-bae5-2b957cd44e09",
|
||||
"id": "bundle--a7883be7-6003-4e61-bd48-1887aaf4ca59",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--9fd06db8-2f00-462d-b22d-94f47b72178c",
|
||||
"created_by_ref": "identity--6fd97d11-6549-4102-9bd8-8d0f9e70116d",
|
||||
"created": "2022-07-01T17:31:14.9361Z",
|
||||
"modified": "2022-07-01T17:31:14.9361Z",
|
||||
"id": "attack-pattern--4ba887ca-bcfd-4966-b3b5-0ff968a7627f",
|
||||
"created_by_ref": "identity--35122bb0-23ae-4ced-ae58-cfa5d8afe02f",
|
||||
"created": "2022-07-02T04:22:03.070144Z",
|
||||
"modified": "2022-07-02T04:22:03.070144Z",
|
||||
"name": "Leverage Existing Narratives",
|
||||
"description": "TA14",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--c68d5d70-7555-4bc2-b64c-910650503fdf"
|
||||
"marking-definition--2710f384-a856-4d93-ab2c-52e9b24a62ed"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--df2d0e87-8afa-478b-bd20-3499d51c0726",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4bf72d47-faa4-400a-bfd2-653372a15612",
|
||||
"created_by_ref": "identity--337090d5-2f61-44a0-bd0d-3efc7fe7f81e",
|
||||
"created": "2022-07-02T04:22:03.112332Z",
|
||||
"modified": "2022-07-02T04:22:03.112332Z",
|
||||
"name": "Develop AI-Generated Videos (Deepfakes)",
|
||||
"description": "Deepfakes refer to AI-generated falsified photos, videos, or soundbites. An influence operation may use deepfakes to depict an inauthentic situation by synthetically recreating an individual\u2019s face, body, voice, and physical gestures.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0087.001.md",
|
||||
"external_id": "T0087.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--50c32158-242e-4de2-afde-dbc3be179189"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--3a5c2edf-1a86-4108-8487-cbb8f97f5254",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4c65eec8-13a3-4c89-8088-41db6e9e6381",
|
||||
"created_by_ref": "identity--e809d292-a9fa-437f-9e53-ac020dae9fb9",
|
||||
"created": "2022-07-02T04:22:03.113596Z",
|
||||
"modified": "2022-07-02T04:22:03.113596Z",
|
||||
"name": "Create fake research",
|
||||
"description": "Create fake academic research. Example: fake social science research is often aimed at hot-button social issues such as gender, race and sexuality. Fake science research can target Climate Science debate or pseudoscience like anti-vaxx",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0019.001.md",
|
||||
"external_id": "T0019.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--941585e5-62fe-4586-a9de-558edbd9247e"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--7b2e98ff-32fa-456c-8545-d7c3704662fb",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4ebcc4a4-ff0b-4275-963a-617cdd06a45a",
|
||||
"created_by_ref": "identity--699b2544-556e-444e-8007-c73e4f7aa7a4",
|
||||
"created": "2022-07-02T04:22:03.108816Z",
|
||||
"modified": "2022-07-02T04:22:03.108816Z",
|
||||
"name": "Use Copypasta",
|
||||
"description": "Copypasta refers to a piece of text that has been copied and pasted multiple times across various online platforms. A copypasta\u2019s final form may differ from its original source text as users add, delete, or otherwise edit the content as they repost the text. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "develop-content"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0084.001.md",
|
||||
"external_id": "T0084.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--d7055552-3041-4dc9-a230-e4e124f0846f"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--d39100f1-1b42-4147-a7af-0fb3bf8381ac",
|
||||
"id": "bundle--6a1f38d7-c5f3-487f-aaaa-3aaef8a06ecd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--b7fc4282-5514-4c1d-be11-62d02e7e78cf",
|
||||
"created_by_ref": "identity--9b4b0a65-53dc-4d27-9ac1-b187189145f6",
|
||||
"created": "2022-07-01T17:31:14.973265Z",
|
||||
"modified": "2022-07-01T17:31:14.973265Z",
|
||||
"id": "attack-pattern--4f599cdb-9fe0-459b-9eeb-37b54db6605e",
|
||||
"created_by_ref": "identity--7affdd67-77d4-498b-97ec-c6ebaee6dd7e",
|
||||
"created": "2022-07-02T04:22:03.096289Z",
|
||||
"modified": "2022-07-02T04:22:03.096289Z",
|
||||
"name": "Amplify Existing Narrative",
|
||||
"description": "TA17",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--5d568a18-4065-4b7b-849a-9c1ddaa6e1b9"
|
||||
"marking-definition--59b3c253-d2d2-4267-842c-151e4a15d672"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fd57b310-d4ea-4a61-a319-cea7409f2314",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--4f6ea3bf-7423-4e21-a07f-8dbcc94cb3da",
|
||||
"created_by_ref": "identity--e351e54d-bd4a-43e3-823c-c27f8f392a01",
|
||||
"created": "2022-07-02T04:22:03.141303Z",
|
||||
"modified": "2022-07-02T04:22:03.141303Z",
|
||||
"name": "Pay for Physical Action",
|
||||
"description": "Paying for physical action occurs when an influence operation pays individuals to act in the physical realm. An influence operation may pay for physical action to create specific situations and frame them in a way that supports operation narratives, for example, paying a group of people to burn a car to later post an image of the burning car and frame it as an act of protest. ",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "drive-offline-activity"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0057.001.md",
|
||||
"external_id": "T0057.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--86d83fcc-efd8-4453-851a-375e5a73022a"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--8f0f159c-ca7d-4adc-8ca2-063377010732",
|
||||
"id": "bundle--387c3fad-87bb-4d6c-9c3a-2c96d9cbd12d",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--f3e80d10-e8f4-4302-9f4e-f0e68167c4c2",
|
||||
"created_by_ref": "identity--8e01d1e1-b587-4a3f-b1a3-12b2a91b74e6",
|
||||
"created": "2022-07-01T17:31:14.971349Z",
|
||||
"modified": "2022-07-01T17:31:14.971349Z",
|
||||
"id": "attack-pattern--5279ebe3-f902-4f0b-a1ae-34a647b99df1",
|
||||
"created_by_ref": "identity--9a99a0b8-9e99-41a6-b80f-c1b710bc7887",
|
||||
"created": "2022-07-02T04:22:03.09499Z",
|
||||
"modified": "2022-07-02T04:22:03.09499Z",
|
||||
"name": "Deliver Ads",
|
||||
"description": "TA09",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--7396226c-6037-4d7c-a4b5-85ef509a4fc4"
|
||||
"marking-definition--71b04a9e-f5d5-4822-a0e1-7db9f745560f"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--41623477-cf93-473e-8aeb-bfaf06170249",
|
||||
"id": "bundle--d6b770c7-ffd3-4d86-9478-09ba9b1a8ddd",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--cf9c7ee9-35a7-4887-b694-8d7766134b4c",
|
||||
"created_by_ref": "identity--0a317ec3-3c0a-4d89-bf66-dffcaa1d3a05",
|
||||
"created": "2022-07-01T17:31:14.952919Z",
|
||||
"modified": "2022-07-01T17:31:14.952919Z",
|
||||
"id": "attack-pattern--5396f0c0-9a8c-48c9-ba26-7c1cb8a4ddfb",
|
||||
"created_by_ref": "identity--e7a82b59-1d03-4c90-8022-f6ca17d33c4f",
|
||||
"created": "2022-07-02T04:22:03.081798Z",
|
||||
"modified": "2022-07-02T04:22:03.081798Z",
|
||||
"name": "Determine Strategic Ends",
|
||||
"description": "TA01",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--95de1e56-03ed-410d-b540-76b9828cf28f"
|
||||
"marking-definition--d29e6e81-7178-44cb-82e5-4555d023e588"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fa634ad0-20bb-4f0a-b6e6-dc816b1b8982",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--540e2d0d-4de2-4331-a130-ccbd14945e57",
|
||||
"created_by_ref": "identity--d57f8b7c-a1a0-4112-b156-cf7bcbe28b6e",
|
||||
"created": "2022-07-02T04:22:03.102063Z",
|
||||
"modified": "2022-07-02T04:22:03.102063Z",
|
||||
"name": "Discredit Credible Sources",
|
||||
"description": "Plan to delegitimize the media landscape and degrade public trust in reporting, by discrediting credible sources. This makes it easier to promote influence operation content.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "plan-objectives"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0075.001.md",
|
||||
"external_id": "T0075.001"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--7b979c8f-a880-406d-abcd-21c71f656171"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -1,14 +1,14 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--54951491-396b-4eb6-9b95-8cfb97065481",
|
||||
"id": "bundle--8388a330-6bb6-46f3-b7ed-56d3c65ea339",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--35bd0849-8450-4ed3-ae0c-22eeee8c1164",
|
||||
"created_by_ref": "identity--fd343676-2f6c-445f-b80a-3d2afefdf456",
|
||||
"created": "2022-07-01T17:31:14.945086Z",
|
||||
"modified": "2022-07-01T17:31:14.945086Z",
|
||||
"id": "attack-pattern--5468558b-bbc8-49d6-af74-99450ca31dd3",
|
||||
"created_by_ref": "identity--361ac418-44d7-484d-bae0-51abbfe90344",
|
||||
"created": "2022-07-02T04:22:03.076286Z",
|
||||
"modified": "2022-07-02T04:22:03.076286Z",
|
||||
"name": "Seed Kernel of truth",
|
||||
"description": "TA08",
|
||||
"kill_chain_phases": [
|
||||
@ -25,7 +25,7 @@
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--2be8e0fd-49a5-407b-b5ec-5d87efac2165"
|
||||
"marking-definition--64eec2bb-aca1-4f71-ba4f-1ec00156c4f7"
|
||||
],
|
||||
"x_mitre_is_subtechnique": false,
|
||||
"x_mitre_platforms": [
|
||||
@ -33,7 +33,7 @@
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1,0"
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
{
|
||||
"type": "bundle",
|
||||
"id": "bundle--fe6a1418-ec87-41e5-879a-52e8f5656cdf",
|
||||
"objects": [
|
||||
{
|
||||
"type": "attack-pattern",
|
||||
"spec_version": "2.1",
|
||||
"id": "attack-pattern--546ca620-e626-4a82-8e4d-74f4f99115a9",
|
||||
"created_by_ref": "identity--e6003b7e-b5ad-4631-90fc-4e2d5c731ea1",
|
||||
"created": "2022-07-02T04:22:03.153388Z",
|
||||
"modified": "2022-07-02T04:22:03.153388Z",
|
||||
"name": "Social media engagement",
|
||||
"description": "Monitor and evaluate social media engagement in misinformation incidents.",
|
||||
"kill_chain_phases": [
|
||||
{
|
||||
"kill_chain_name": "mitre-attack",
|
||||
"phase_name": "assess-effectiveness"
|
||||
}
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
"source_name": "DISARM",
|
||||
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0134.002.md",
|
||||
"external_id": "T0134.002"
|
||||
}
|
||||
],
|
||||
"object_marking_refs": [
|
||||
"marking-definition--60fcd5b8-9847-4f12-af20-2975c86fc2ae"
|
||||
],
|
||||
"x_mitre_is_subtechnique": true,
|
||||
"x_mitre_platforms": [
|
||||
"Windows",
|
||||
"Linux",
|
||||
"Mac"
|
||||
],
|
||||
"x_mitre_version": "1.0"
|
||||
}
|
||||
]
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user