T1567.002 Exfiltration to Cloud Storage Mappings

Adversaries may exfiltrate data to a cloud storage service rather than over their primary command and control channel. Cloud storage services allow for the storage, edit, and retrieval of data from a remote cloud storage server over the Internet.

Examples of cloud storage services include Dropbox and Google Docs. Exfiltration to these cloud storage services can provide a significant amount of cover to the adversary if hosts within the network are already communicating with the service.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
cloud_ids Cloud IDS technique_scores T1567.002 Exfiltration to Cloud Storage
beyondcorp_enterprise BeyondCorp Enterprise technique_scores T1567.002 Exfiltration to Cloud Storage
endpoint_management Endpoint Management technique_scores T1567.002 Exfiltration to Cloud Storage
security_command_center Security Command Center technique_scores T1567.002 Exfiltration to Cloud Storage