T1565.002 Transmitted Data Manipulation Mappings

Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity.(Citation: FireEye APT38 Oct 2018)(Citation: DOJ Lazarus Sony 2018) By manipulating transmitted data, adversaries may attempt to affect a business process, organizational understanding, and decision making.

Manipulation may be possible over a network connection or between system processes where there is an opportunity deploy a tool that will intercept and change information. The type of modification and the impact it will have depends on the target transmission mechanism as well as the goals and objectives of the adversary. For complex systems, an adversary would likely need special expertise and possibly access to specialized software related to the system that would typically be gained through a prolonged information gathering campaign in order to have the desired impact.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-16 Security and Privacy Attributes Protects T1565.002 Transmitted Data Manipulation
AC-17 Remote Access Protects T1565.002 Transmitted Data Manipulation
AC-18 Wireless Access Protects T1565.002 Transmitted Data Manipulation
AC-19 Access Control for Mobile Devices Protects T1565.002 Transmitted Data Manipulation
AC-20 Use of External Systems Protects T1565.002 Transmitted Data Manipulation
CM-2 Baseline Configuration Protects T1565.002 Transmitted Data Manipulation
CM-6 Configuration Settings Protects T1565.002 Transmitted Data Manipulation
CM-8 System Component Inventory Protects T1565.002 Transmitted Data Manipulation
SC-4 Information in Shared System Resources Protects T1565.002 Transmitted Data Manipulation
SI-12 Information Management and Retention Protects T1565.002 Transmitted Data Manipulation
SI-4 System Monitoring Protects T1565.002 Transmitted Data Manipulation
SI-7 Software, Firmware, and Information Integrity Protects T1565.002 Transmitted Data Manipulation
CVE-2020-3460 Cisco Data Center Network Manager primary_impact T1565.002 Transmitted Data Manipulation
CVE-2019-1943 Cisco Small Business 300 Series Managed Switches primary_impact T1565.002 Transmitted Data Manipulation
CVE-2019-15974 Cisco Managed Services Accelerator primary_impact T1565.002 Transmitted Data Manipulation
attribute.integrity.variety.Modify data Modified stored data or content related-to T1565.002 Data Manipulation: Transmitted Data Manipulation
aws_rds AWS RDS technique_scores T1565.002 Transmitted Data Manipulation
aws_rds AWS RDS technique_scores T1565.002 Transmitted Data Manipulation
amazon_virtual_private_cloud Amazon Virtual Private Cloud technique_scores T1565.002 Transmitted Data Manipulation