Adversaries may manipulate software dependencies and development tools prior to receipt by a final consumer for the purpose of data or system compromise. Applications often depend on external software to function properly. Popular open source projects that are used as dependencies in many applications may be targeted as a means to add malicious code to users of the dependency.(Citation: Trendmicro NPM Compromise)
Targeting may be specific to a desired victim set or may be distributed to a broad set of consumers but only move on to additional tactics on specific victims.
View in MITRE ATT&CK®Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CA-02 | Control Assessments | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
CA-07 | Continuous Monitoring | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
CM-11 | User-installed Software | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
CM-07 | Least Functionality | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
RA-10 | Threat Hunting | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
RA-05 | Vulnerability Monitoring and Scanning | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
SA-22 | Unsupported System Components | Protects | T1195.001 | Compromise Software Dependencies and Development Tools | |
SI-02 | Flaw Remediation | Protects | T1195.001 | Compromise Software Dependencies and Development Tools |