8bb63006b6
- Merged C00145 into C00178. Deleted C00145 - Updated text in C00144 - Added warning label to C000139 - Merged C00137 into C00149. Deleted C00137 - Moved C00090 to TA07 - Updated text in C00211 - Updated text in C00030 - Merged C00158 into C00073. Deleted C00158 - Merged C00102 into C00101. Deleted C00102 - Merged C00089 into C00101. Deleted C00089 - Added note to C00200 - Merged C00194 into C00174. Deleted C00194 - Merged C00151 into C00190. Deleted C00151 - Updated text in C00182 - Added warning to C00122 - Updated text in C00211 - Updated text in C00030 - Merged C00215 into C00012. Deleted C00215 - Merged C00214 into C00012. Deleted C000214 - Merged C00196 into C00012. Deleted C000196 - Updated text in C00111 - Merged C00167 into C00026. Deleted C00167 - Added warning to C00056 - Updated text in C00172 - Merged C00171 into C00107. Deleted C00171 - Updated text in C00103 - Merged C00110 into C00195. Deleted C00110 - Updated text in C00117 - Merged C00193 into C00188. Deleted C00193 - Merged C00204 into C00188. Deleted C00204 - Moved C00217 to detections F00094
1.4 KiB
1.4 KiB
Technique T0011: Hijack legitimate account
-
Summary: Hack or take over legimate accounts to distribute misinformation or damaging content. Examples include Syrian Electronic Army (2013) series of false tweets from a hijacked Associated Press Twitter account claiming that President Barack Obama had been injured in a series of explosions near the White House. The false report caused a temporary plunge of 143 points on the Dow Jones Industrial Average.
-
Belongs to tactic stage: TA04
| Incident | Descriptions given for this incident |
|---|---|
| I00042 Saudi/Qatar bot dispute | “hack” of Qatar’s official news agency |
| Counters | Response types |
|---|---|
| C00053 Delete old accounts / Remove unused social media accounts | D4 Degrade |
| C00098 Revocation of allowlisted or "verified" status | D2 Deny |
| C00133 Deplatform Account* | D3 Disrupt |
| C00153 Take pre-emptive action against actors' infrastructure | D3 Disrupt |
| C00182 Redirection / malware detection/ remediation | D2 Deny |
| C00189 Ensure that platforms are taking down flagged accounts | D6 Destroy |
| C00197 remove suspicious accounts | D2 Deny |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW