Home
ATT&CK Techniques
T1565.001 Stored Data Manipulation

T1565.001 Stored Data Manipulation Mappings

Adversaries may insert, delete, or manipulate data at rest in order to manipulate external outcomes or hide activity.(Citation: FireEye APT38 Oct 2018)(Citation: DOJ Lazarus Sony 2018) By manipulating stored data, adversaries may attempt to affect a business process, organizational understanding, and decision making.

Stored data could include a variety of file formats, such as Office files, databases, stored emails, and custom file formats. The type of modification and the impact it will have depends on the type of data as well as the goals and objectives of the adversary. For complex systems, an adversary would likely need special expertise and possibly access to specialized software related to the system that would typically be gained through a prolonged information gathering campaign in order to have the desired impact.

View in MITRE ATT&CK®

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
AC-16	Security and Privacy Attributes	Protects	T1565.001	Stored Data Manipulation
AC-17	Remote Access	Protects	T1565.001	Stored Data Manipulation
AC-18	Wireless Access	Protects	T1565.001	Stored Data Manipulation
AC-19	Access Control for Mobile Devices	Protects	T1565.001	Stored Data Manipulation
AC-20	Use of External Systems	Protects	T1565.001	Stored Data Manipulation
AC-3	Access Enforcement	Protects	T1565.001	Stored Data Manipulation
CA-7	Continuous Monitoring	Protects	T1565.001	Stored Data Manipulation
CM-2	Baseline Configuration	Protects	T1565.001	Stored Data Manipulation
CM-6	Configuration Settings	Protects	T1565.001	Stored Data Manipulation
CM-8	System Component Inventory	Protects	T1565.001	Stored Data Manipulation
CP-10	System Recovery and Reconstitution	Protects	T1565.001	Stored Data Manipulation
CP-6	Alternate Storage Site	Protects	T1565.001	Stored Data Manipulation
CP-7	Alternate Processing Site	Protects	T1565.001	Stored Data Manipulation
CP-9	System Backup	Protects	T1565.001	Stored Data Manipulation
SC-28	Protection of Information at Rest	Protects	T1565.001	Stored Data Manipulation
SC-36	Distributed Processing and Storage	Protects	T1565.001	Stored Data Manipulation
SC-4	Information in Shared System Resources	Protects	T1565.001	Stored Data Manipulation
SC-7	Boundary Protection	Protects	T1565.001	Stored Data Manipulation
SI-12	Information Management and Retention	Protects	T1565.001	Stored Data Manipulation
SI-16	Memory Protection	Protects	T1565.001	Stored Data Manipulation
SI-23	Information Fragmentation	Protects	T1565.001	Stored Data Manipulation
SI-4	System Monitoring	Protects	T1565.001	Stored Data Manipulation
SI-7	Software, Firmware, and Information Integrity	Protects	T1565.001	Stored Data Manipulation
CVE-2019-1942	Cisco Identity Services Engine Software	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2019-15972	Cisco Unified Communications Manager	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2019-1863	Cisco Unified Computing System E-Series Software (UCSE)	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2019-1689	Cisco Webex Teams	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2020-3476	Cisco IOS XE Software	primary_impact	T1565.001	Stored Data Manipulation
CVE-2020-3440	Cisco Webex Meetings	primary_impact	T1565.001	Stored Data Manipulation
CVE-2019-1836	Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode	primary_impact	T1565.001	Stored Data Manipulation
CVE-2020-3237	Cisco IOx	primary_impact	T1565.001	Stored Data Manipulation
CVE-2020-3309	Cisco Firepower Threat Defense Software	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2020-5345	Unisphere for PowerMax	exploitation_technique	T1565.001	Stored Data Manipulation
CVE-2019-3786	BOSH Backup and Restore	exploitation_technique	T1565.001	Stored Data Manipulation
CVE-2020-11010	tortoise-orm	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2018-5459	WAGO PFC200 Series	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2019-18234	Equinox Control Expert	secondary_impact	T1565.001	Stored Data Manipulation
CVE-2019-5954	JR East Japan train operation information push notification App for Android	uncategorized	T1565.001	Stored Data Manipulation
CVE-2008-4996	n/a	uncategorized	T1565.001	Stored Data Manipulation
CVE-2020-9819	iOS	uncategorized	T1565.001	Stored Data Manipulation
CVE-2018-19833	n/a	uncategorized	T1565.001	Stored Data Manipulation
attribute.integrity.variety.Modify data	Modified stored data or content	related-to	T1565.001	Data Manipulation: Stored Data Manipulation
aws_rds	AWS RDS	technique_scores	T1565.001	Stored Data Manipulation
aws_rds	AWS RDS	technique_scores	T1565.001	Stored Data Manipulation
amazon_guardduty	Amazon GuardDuty	technique_scores	T1565.001	Stored Data Manipulation
aws_cloudendure_disaster_recovery	AWS CloudEndure Disaster Recovery	technique_scores	T1565.001	Stored Data Manipulation