T1030 Data Transfer Size Limits Mappings

An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1030 Data Transfer Size Limits
CA-7 Continuous Monitoring Protects T1030 Data Transfer Size Limits
CM-2 Baseline Configuration Protects T1030 Data Transfer Size Limits
CM-6 Configuration Settings Protects T1030 Data Transfer Size Limits
SC-7 Boundary Protection Protects T1030 Data Transfer Size Limits
SI-3 Malicious Code Protection Protects T1030 Data Transfer Size Limits
SI-4 System Monitoring Protects T1030 Data Transfer Size Limits
action.malware.variety.Export data Export data to another site or system related-to T1030 Data Transfer Size Limits