Adversaries may exfiltrate data, such as sensitive documents, through the use of automated processing after being gathered during Collection.(Citation: ESET Gamaredon June 2020)
When automated exfiltration is used, other exfiltration techniques likely apply as well to transfer the information out of the network, such as Exfiltration Over C2 Channel and Exfiltration Over Alternative Protocol.
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| amazon_guardduty | Amazon GuardDuty | technique_scores | T1020 | Automated Exfiltration |
| aws_config | AWS Config | technique_scores | T1020 | Automated Exfiltration |
| aws_iot_device_defender | AWS IoT Device Defender | technique_scores | T1020 | Automated Exfiltration |
| Technique ID | Technique Name | Number of Mappings |
|---|---|---|
| T1020.001 | Traffic Duplication | 2 |