locsec/AMITT
1
Форкнуть 0
Код Задачи Запросы на слияние Действия Пакеты Проекты Релизы Вики Активность
AMITT/techniques/T0025.md
Sara-Jayne Terp 8bb63006b6 Added suggested changes to countermeasures list 
- Merged C00145 into C00178. Deleted C00145
- Updated text in C00144
- Added warning label to C000139
- Merged C00137 into C00149. Deleted C00137
- Moved C00090 to TA07
- Updated text in C00211
- Updated text in C00030
- Merged C00158 into C00073. Deleted C00158
- Merged C00102 into C00101. Deleted C00102
- Merged C00089 into C00101. Deleted C00089
- Added note to C00200
- Merged C00194 into C00174. Deleted C00194
- Merged C00151 into C00190. Deleted C00151
- Updated text in C00182
- Added warning to C00122
- Updated text in C00211
- Updated text in C00030
- Merged C00215 into C00012.  Deleted C00215
- Merged C00214 into C00012. Deleted C000214
- Merged C00196 into C00012. Deleted C000196
- Updated text in C00111
- Merged C00167 into C00026.  Deleted C00167
- Added warning to C00056
- Updated text in C00172
- Merged C00171 into C00107. Deleted C00171
- Updated text in C00103
- Merged C00110 into C00195. Deleted C00110
- Updated text in C00117
- Merged C00193 into C00188. Deleted C00193
- Merged C00204 into C00188. Deleted C00204
- Moved C00217 to detections F00094
2021-05-01 21:30:13 +01:00

3.1 KiB
Исходник Ответственный История

Technique T0025: Leak altered documents

  • Summary: Obtain documents (eg by theft or leak), then alter and release, possibly among factual documents/sources.

Example (2019) DFRLab report "Secondary Infektion” highlights incident with key asset being a forged “letter” created by the operation to provide ammunition for far-right forces in Europe ahead of the election.

  • Belongs to tactic stage: TA06
Incident Descriptions given for this incident
I00015 ConcordDiscovery Forge ('release' altered hacked documents), hack/leak/manipulate/distort
I00017 US presidential elections hack/leak/manipulate/distort
I00022 #Macronleaks hack/leak/manipulate/distort
I00051 Integrity Initiative hack/leak/manipulate/distort
Counters Response types
C00006 Charge for social media D2 Deny
C00006 Censorship D2 Deny
C00012 Platform regulation D2 Deny
C00036 Infiltrate the in-group to discredit leaders (divide) D2 Deny
C00072 Remove non-relevant content from special interest groups – not recommended D2 Deny
C00073 Inoculate populations through media literacy training D2 Deny
C00074 Identify and delete or rate limit identical content D2 Deny
C00082 Ground truthing as automated response to pollution D3 Disrupt
C00085 Mute content D3 Disrupt
C00096 Strengthen institutions that are always truth tellers D7 Deter
C00107 Content moderation D2 Deny
C00117 Downgrade / de-amplify so message is seen by fewer people D4 Degrade
C00119 Engage payload and debunk. Provide link to facts. D7 Deter
C00122 Content moderation D2 Deny
C00165 Ensure integrity of official documents D2 Deny
C00176 Improve Coordination amongst stakeholders: public and private D7 Deter
C00190 open engagement with civil society D3 Disrupt
C00195 Redirect searches away from disinformation or extremist content D2 Deny
C00200 Respected figure (influencer) disavows misinfo D3 Disrupt
C00202 Set data 'honeytraps' D2 Deny
C00205 strong dialogue between the federal government and private sector to encourage better reporting D3 Disrupt
C00211 Use humorous counter-narratives D3 Disrupt
C00219 Add metadata to content thats out of the control of disinformation creators D4 Degrade

DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW