Impair Defenses (T1562)

Adversaries may maliciously modify components of a victim environment in order to hinder or disable defensive mechanisms. This not only involves impairing preventative defenses, such as firewalls and anti-virus, but also detection capabilities that defenders can use to audit activity and identify malicious behavior. This may also span both native defenses as well as supplemental capabilities installed by users and administrators. Adversaries could also target event aggregation and analysis mechanisms, or otherwise disrupt these procedures by altering other system components.

Source: https://github.com/mitre/cti
Related Prelude attack chains
Release Date (Newest)
Filterfilter
Search for chains, TTPs, themes, and text

Browse By:

Platforms

  • All
  • Windows
  • Darwin
  • Linux
  • Global
  • Android

Themes

Tags

Licenses

APT40 educational institutions

2022-05-03

/static/assets/windows-logo.svg/static/assets/apple-logo.svg/static/assets/linux-logo.svg
Perform process injection and native API execution techniques.
Jambi Modules

2021-11-16

/static/assets/windows-logo.svg
Use Powershell functions to create a script implant that dynamically resolves and loads modules at runtime.
Netsh Helper DLL

2021-08-10

/static/assets/windows-logo.svg
Create a Netsh helper DLL persistence.