HC3 TLP White Threat Intelligence Briefing - ATT&CK for Emotet, January 28, 2021

ATT&CK framework developed by the MITRE Corporation
in 2013 and released to the public in May 2015

  • Stands for “Adversarial Tactics, Techniques, and Common Knowledge”
  • Comprehensive matrix of tactics and techniques associated with malware families and threat groups
  • Leveraged by cybersecurity professionals to better classify attacks and assess an organization’s risk
  • Platforms: Windows, macOS, Linux, Cloud, Network
  • Three different matrices:
    • Enterprise ATT&CK
    • Pre-ATT&CK
    • Mobile ATT&CK
  • 14 tactics correspond to attack stages
  • 177 techniques and 348 sub-techniques
  • 42 enterprise mitigations
  • 512 software / malware
  • 109 groups
  • And growing!

Key Resources

Related Resources

Special Bulletin
Senate Deal Reached to End Government Shutdown
Member
Guides and Reports
Strategies for Cyber Preparedness in Health Care
Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Issue Landing Page
Support for Your Cybersecurity Program
Guides and Reports
Cybersecurity and Risk Advisory Services