T1001.002 Steganography Mappings

Adversaries may use steganographic techniques to hide command and control traffic to make detection efforts more difficult. Steganographic techniques can be used to hide data in digital messages that are transferred between systems. This hidden information can be used for command and control of compromised systems. In some cases, the passing of files embedded using steganography, such as image or document files, can be used for command and control.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-04 Information Flow Enforcement Protects T1001.002 Steganography
CA-07 Continuous Monitoring Protects T1001.002 Steganography
CM-02 Baseline Configuration Protects T1001.002 Steganography
CM-06 Configuration Settings Protects T1001.002 Steganography
SC-07 Boundary Protection Protects T1001.002 Steganography
SI-03 Malicious Code Protection Protects T1001.002 Steganography
SI-04 System Monitoring Protects T1001.002 Steganography