NIST 800-53 SC-18 Mappings

Mobile code includes any program, application, or content that can be transmitted across a network (e.g., embedded in an email, document, or website) and executed on a remote system. Decisions regarding the use of mobile code within organizational systems are based on the potential for the code to cause damage to the systems if used maliciously. Mobile code technologies include Java applets, JavaScript, HTML5, WebGL, and VBScript. Usage restrictions and implementation guidelines apply to both the selection and use of mobile code installed on servers and mobile code downloaded and executed on individual workstations and devices, including notebook computers and smart phones. Mobile code policy and procedures address specific actions taken to prevent the development, acquisition, and introduction of unacceptable mobile code within organizational systems, including requiring mobile code to be digitally signed by a trusted source.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
SC-18	Mobile Code	Protects	T1021.003	Distributed Component Object Model
SC-18	Mobile Code	Protects	T1055	Process Injection
SC-18	Mobile Code	Protects	T1055.001	Dynamic-link Library Injection
SC-18	Mobile Code	Protects	T1055.002	Portable Executable Injection
SC-18	Mobile Code	Protects	T1055.003	Thread Execution Hijacking
SC-18	Mobile Code	Protects	T1055.004	Asynchronous Procedure Call
SC-18	Mobile Code	Protects	T1055.005	Thread Local Storage
SC-18	Mobile Code	Protects	T1055.008	Ptrace System Calls
SC-18	Mobile Code	Protects	T1055.009	Proc Memory
SC-18	Mobile Code	Protects	T1055.011	Extra Window Memory Injection
SC-18	Mobile Code	Protects	T1055.013	Process Doppelgänging
SC-18	Mobile Code	Protects	T1055.014	VDSO Hijacking
SC-18	Mobile Code	Protects	T1059	Command and Scripting Interpreter
SC-18	Mobile Code	Protects	T1059.005	Visual Basic
SC-18	Mobile Code	Protects	T1059.007	JavaScript
SC-18	Mobile Code	Protects	T1137	Office Application Startup
SC-18	Mobile Code	Protects	T1137.001	Office Template Macros
SC-18	Mobile Code	Protects	T1137.002	Office Test
SC-18	Mobile Code	Protects	T1137.003	Outlook Forms
SC-18	Mobile Code	Protects	T1137.004	Outlook Home Page
SC-18	Mobile Code	Protects	T1137.005	Outlook Rules
SC-18	Mobile Code	Protects	T1137.006	Add-ins
SC-18	Mobile Code	Protects	T1203	Exploitation for Client Execution
SC-18	Mobile Code	Protects	T1210	Exploitation of Remote Services
SC-18	Mobile Code	Protects	T1218.001	Compiled HTML File
SC-18	Mobile Code	Protects	T1548.004	Elevated Execution with Prompt
SC-18	Mobile Code	Protects	T1559	Inter-Process Communication
SC-18	Mobile Code	Protects	T1559.001	Component Object Model
SC-18	Mobile Code	Protects	T1559.002	Dynamic Data Exchange
SC-18	Mobile Code	Protects	T1211	Exploitation for Defense Evasion
SC-18	Mobile Code	Protects	T1190	Exploit Public-Facing Application
SC-18	Mobile Code	Protects	T1189	Drive-by Compromise
SC-18	Mobile Code	Protects	T1068	Exploitation for Privilege Escalation
SC-18	Mobile Code	Protects	T1055.012	Process Hollowing
SC-18	Mobile Code	Protects	T1548	Abuse Elevation Control Mechanism
SC-18	Mobile Code	Protects	T1212	Exploitation for Credential Access