locsec/AMITT
1
Форкнуть 0
Код Задачи Запросы на слияние Действия Пакеты Проекты Релизы Вики Активность
AMITT/techniques/T0011.md
Sara-Jayne Terp 8bb63006b6 Added suggested changes to countermeasures list 
- Merged C00145 into C00178. Deleted C00145
- Updated text in C00144
- Added warning label to C000139
- Merged C00137 into C00149. Deleted C00137
- Moved C00090 to TA07
- Updated text in C00211
- Updated text in C00030
- Merged C00158 into C00073. Deleted C00158
- Merged C00102 into C00101. Deleted C00102
- Merged C00089 into C00101. Deleted C00089
- Added note to C00200
- Merged C00194 into C00174. Deleted C00194
- Merged C00151 into C00190. Deleted C00151
- Updated text in C00182
- Added warning to C00122
- Updated text in C00211
- Updated text in C00030
- Merged C00215 into C00012.  Deleted C00215
- Merged C00214 into C00012. Deleted C000214
- Merged C00196 into C00012. Deleted C000196
- Updated text in C00111
- Merged C00167 into C00026.  Deleted C00167
- Added warning to C00056
- Updated text in C00172
- Merged C00171 into C00107. Deleted C00171
- Updated text in C00103
- Merged C00110 into C00195. Deleted C00110
- Updated text in C00117
- Merged C00193 into C00188. Deleted C00193
- Merged C00204 into C00188. Deleted C00204
- Moved C00217 to detections F00094
2021-05-01 21:30:13 +01:00

25 строки
1.4 KiB
Markdown
Исходник Ответственный История

Этот файл содержит неоднозначные символы Юникода

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Technique T0011: Hijack legitimate account
* **Summary**: Hack or take over legimate accounts to distribute misinformation or damaging content. Examples include Syrian Electronic Army (2013) series of false tweets from a hijacked Associated Press Twitter account claiming that President Barack Obama had been injured in a series of explosions near the White House. The false report caused a temporary plunge of 143 points on the Dow Jones Industrial Average.
* **Belongs to tactic stage**: TA04
| Incident | Descriptions given for this incident |
| -------- | -------------------- |
| [I00042 Saudi/Qatar bot dispute](../incidents/I00042.md) | “hack” of Qatars official news agency |
| Counters | Response types |
| -------- | -------------- |
| [C00053 Delete old accounts / Remove unused social media accounts](../counters/C00053.md) | D4 Degrade |
| [C00098 Revocation of allowlisted or "verified" status](../counters/C00098.md) | D2 Deny |
| [C00133 Deplatform Account*](../counters/C00133.md) | D3 Disrupt |
| [C00153 Take pre-emptive action against actors' infrastructure](../counters/C00153.md) | D3 Disrupt |
| [C00182 Redirection / malware detection/ remediation](../counters/C00182.md) | D2 Deny |
| [C00189 Ensure that platforms are taking down flagged accounts](../counters/C00189.md) | D6 Destroy |
| [C00197 remove suspicious accounts](../counters/C00197.md) | D2 Deny |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку