NIST 800-53 SC-18 Mappings

Mobile code includes any program, application, or content that can be transmitted across a network (e.g., embedded in an email, document, or website) and executed on a remote system. Decisions regarding the use of mobile code within organizational systems are based on the potential for the code to cause damage to the systems if used maliciously. Mobile code technologies include Java applets, JavaScript, HTML5, WebGL, and VBScript. Usage restrictions and implementation guidelines apply to both the selection and use of mobile code installed on servers and mobile code downloaded and executed on individual workstations and devices, including notebook computers and smart phones. Mobile code policy and procedures address specific actions taken to prevent the development, acquisition, and introduction of unacceptable mobile code within organizational systems, including requiring mobile code to be digitally signed by a trusted source.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SC-18 Mobile Code Protects T1021.003 Distributed Component Object Model
SC-18 Mobile Code Protects T1055 Process Injection
SC-18 Mobile Code Protects T1055.001 Dynamic-link Library Injection
SC-18 Mobile Code Protects T1055.002 Portable Executable Injection
SC-18 Mobile Code Protects T1055.003 Thread Execution Hijacking
SC-18 Mobile Code Protects T1055.004 Asynchronous Procedure Call
SC-18 Mobile Code Protects T1055.005 Thread Local Storage
SC-18 Mobile Code Protects T1055.008 Ptrace System Calls
SC-18 Mobile Code Protects T1055.009 Proc Memory
SC-18 Mobile Code Protects T1055.011 Extra Window Memory Injection
SC-18 Mobile Code Protects T1055.012 Process Hollowing
SC-18 Mobile Code Protects T1055.013 Process Doppelgänging
SC-18 Mobile Code Protects T1055.014 VDSO Hijacking
SC-18 Mobile Code Protects T1059 Command and Scripting Interpreter
SC-18 Mobile Code Protects T1059.005 Visual Basic
SC-18 Mobile Code Protects T1059.007 JavaScript
SC-18 Mobile Code Protects T1068 Exploitation for Privilege Escalation
SC-18 Mobile Code Protects T1137 Office Application Startup
SC-18 Mobile Code Protects T1137.001 Office Template Macros
SC-18 Mobile Code Protects T1137.002 Office Test
SC-18 Mobile Code Protects T1137.003 Outlook Forms
SC-18 Mobile Code Protects T1137.004 Outlook Home Page
SC-18 Mobile Code Protects T1137.005 Outlook Rules
SC-18 Mobile Code Protects T1137.006 Add-ins
SC-18 Mobile Code Protects T1189 Drive-by Compromise
SC-18 Mobile Code Protects T1190 Exploit Public-Facing Application
SC-18 Mobile Code Protects T1203 Exploitation for Client Execution
SC-18 Mobile Code Protects T1210 Exploitation of Remote Services
SC-18 Mobile Code Protects T1211 Exploitation for Defense Evasion
SC-18 Mobile Code Protects T1212 Exploitation for Credential Access
SC-18 Mobile Code Protects T1218.001 Compiled HTML File
SC-18 Mobile Code Protects T1548 Abuse Elevation Control Mechanism
SC-18 Mobile Code Protects T1548.004 Elevated Execution with Prompt
SC-18 Mobile Code Protects T1559 Inter-Process Communication
SC-18 Mobile Code Protects T1559.001 Component Object Model
SC-18 Mobile Code Protects T1559.002 Dynamic Data Exchange
SC-18 Mobile Code Protects T1611 Escape to Host