mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2024-12-18 12:24:25 -05:00
40 lines
2.1 KiB
JSON
40 lines
2.1 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--085b8da4-ab11-404b-bd59-9f25ad7b5334",
|
|
"objects": [
|
|
{
|
|
"type": "attack-pattern",
|
|
"spec_version": "2.1",
|
|
"id": "attack-pattern--3a2f96fa-c3d0-4f54-a041-6807f0ea4955",
|
|
"created_by_ref": "identity--f1a0f560-2d9e-4c5d-bf47-7e96e805de82",
|
|
"created": "2024-08-02T17:12:32.351504Z",
|
|
"modified": "2024-08-02T17:12:32.351504Z",
|
|
"name": "Generate Information Pollution",
|
|
"description": "Information Pollution occurs when threat actors attempt to ruin a source of information by flooding it with lots of inauthentic or unreliable content, intending to make it harder for legitimate users to find the information they\u2019re looking for.<br /> <br />This sub-technique\u2019s objective is to reduce exposure to target information, rather than promoting exposure to campaign content, for which the parent Technique T0049 can be used.<br /> <br />Analysts will need to infer what the motive for flooding an information space was when deciding whether to use T0049 or T0049.008 to tag a case when an information space is flooded. If such inference is not possible, default to T0049.<br /> <br />This Technique previously used the ID T0019.",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "mitre-attack",
|
|
"phase_name": "maximise-exposure"
|
|
}
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"url": "https://github.com/DISARMFoundation/DISARMframeworks/blob/main/generated_pages/techniques/T0049.008.md",
|
|
"external_id": "T0049.008"
|
|
}
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--f79f25d2-8b96-4580-b169-eb7b613a7c31"
|
|
],
|
|
"x_mitre_is_subtechnique": true,
|
|
"x_mitre_platforms": [
|
|
"Windows",
|
|
"Linux",
|
|
"Mac"
|
|
],
|
|
"x_mitre_version": "2.1"
|
|
}
|
|
]
|
|
}
|