8bb63006b6
- Merged C00145 into C00178. Deleted C00145 - Updated text in C00144 - Added warning label to C000139 - Merged C00137 into C00149. Deleted C00137 - Moved C00090 to TA07 - Updated text in C00211 - Updated text in C00030 - Merged C00158 into C00073. Deleted C00158 - Merged C00102 into C00101. Deleted C00102 - Merged C00089 into C00101. Deleted C00089 - Added note to C00200 - Merged C00194 into C00174. Deleted C00194 - Merged C00151 into C00190. Deleted C00151 - Updated text in C00182 - Added warning to C00122 - Updated text in C00211 - Updated text in C00030 - Merged C00215 into C00012. Deleted C00215 - Merged C00214 into C00012. Deleted C000214 - Merged C00196 into C00012. Deleted C000196 - Updated text in C00111 - Merged C00167 into C00026. Deleted C00167 - Added warning to C00056 - Updated text in C00172 - Merged C00171 into C00107. Deleted C00171 - Updated text in C00103 - Merged C00110 into C00195. Deleted C00110 - Updated text in C00117 - Merged C00193 into C00188. Deleted C00193 - Merged C00204 into C00188. Deleted C00204 - Moved C00217 to detections F00094
44 строки
2.0 KiB
Markdown
44 строки
2.0 KiB
Markdown
# Counter C00149: Poison the monitoring & evaluation data
|
|
|
|
* **Summary**: Includes Pollute the AB-testing data feeds: Polluting A/B testing requires knowledge of MOEs and MOPs. A/B testing must be caught early when there is relatively little data available so infiltration of TAs and understanding of how content is migrated from testing to larger audiences is fundamental.
|
|
|
|
* **Playbooks**: Playbook 1: Distort TA demographics by posting irrelevant content, misleading demogaphic data, etc.
|
|
Playbook 2: Work with the media platform to distort publicly available metrics. Can we work with Twitter to get crappy off-brand memes artificially bumped without needing to create fake accounts, etc.?
|
|
Playbook 3: Use adtech to promote content inconsistent with TA demographics. If the adversary is reverse engineering a groups demographics by analyzing ads placed on the platform/group, by spamming ads for out-group stuff it may distort analysis of the group.
|
|
Playbook 4: Distort Google Trends and other publicly available source of metrics using bots, cyborgs, adtech.
|
|
Playbook 5: Distort TA emotional response to content/narratives.
|
|
Playbook 6: Promote damp squibs. Within a known TA promote/inflate crappy off-brand memes which are unlikley to resonate.
|
|
Playbook 7: Detect early trending/engagement and undermine the content by responding with 5Ds, toxic community behaviour, satirical responses, etc.
|
|
Playbook 8: If adtech is used, fake clicks and engagements on the content.
|
|
|
|
* **Metatechnique**: M008 - data pollution
|
|
|
|
* **Resources needed:**
|
|
|
|
* **Belongs to tactic stage**: TA12
|
|
|
|
|
|
| Actors | Sectors |
|
|
| ------ | ------- |
|
|
|
|
|
|
|
|
| Counters these Tactics |
|
|
| ---------------------- |
|
|
|
|
|
|
|
|
| Counters these Techniques |
|
|
| ------------------------- |
|
|
| [T0020 Trial content](../techniques/T0020.md) |
|
|
| [T0046 Search Engine Optimization](../techniques/T0046.md) |
|
|
| [T0057 Organise remote rallies and events](../techniques/T0057.md) |
|
|
| [T0063 Message reach](../techniques/T0063.md) |
|
|
|
|
|
|
|
|
| Seen in incidents |
|
|
| ----------------- |
|
|
|
|
|
|
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW |