HC3 TLP White Threat Intelligence Briefing - ATT&CK for Emotet, January 28, 2021

ATT&CK framework developed by the MITRE Corporation
in 2013 and released to the public in May 2015

  • Stands for “Adversarial Tactics, Techniques, and Common Knowledge”
  • Comprehensive matrix of tactics and techniques associated with malware families and threat groups
  • Leveraged by cybersecurity professionals to better classify attacks and assess an organization’s risk
  • Platforms: Windows, macOS, Linux, Cloud, Network
  • Three different matrices:
    • Enterprise ATT&CK
    • Pre-ATT&CK
    • Mobile ATT&CK
  • 14 tactics correspond to attack stages
  • 177 techniques and 348 sub-techniques
  • 42 enterprise mitigations
  • 512 software / malware
  • 109 groups
  • And growing!

Key Resources

Related Resources

Advisory
AHA and Health-ISAC Joint Threat Bulletin: Indicators of Compromise Related to Recent Health Care Ransomware Attack
Member
Advancing Health Podcast
Leadership Dialogue Series: Cybersecurity and the Fight to Safeguard Health Care
Public
Leadership Rounds
Leadership Dialogue
Public
Special Bulletin
UPDATE: AHA and Health-ISAC Threat Advisory: FBI Advises No Specific Credible Threat Targeting Hospitals
Public
Special Bulletin
AHA and Health-ISAC Bulletin on Threat to Hospitals
Member
AHA Center for Health Innovation Market Scan
Rural Hospitals Move to Enhance Cybersecurity