T1008 Fallback Channels Mappings

Adversaries may use fallback or alternate communication channels if the primary channel is compromised or inaccessible in order to maintain reliable command and control and to avoid data transfer thresholds.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1008 Fallback Channels
CA-7 Continuous Monitoring Protects T1008 Fallback Channels
CM-2 Baseline Configuration Protects T1008 Fallback Channels
CM-6 Configuration Settings Protects T1008 Fallback Channels
CM-7 Least Functionality Protects T1008 Fallback Channels
SC-7 Boundary Protection Protects T1008 Fallback Channels
SI-3 Malicious Code Protection Protects T1008 Fallback Channels
SI-4 System Monitoring Protects T1008 Fallback Channels
action.hacking.variety.Evade Defenses Modification of the action (rather than the system, as in 'Disable controls') to avoid detection. related-to T1008 Fallback Channels
action.hacking.vector.Other network service Network service that is not remote access or a web application. related-to T1008 Fallback Channels
action.malware.variety.Backdoor or C2 Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'. related-to T1008 Fallback Channels
action.malware.variety.C2 Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'. related-to T1008 Fallback Channels