Impair Defenses

https://attack.mitre.org/techniques/T1562/

ATT&CK ID: T1562

Description

Adversaries may maliciously modify components of a victim environment in order to hinder or disable defensive mechanisms. This not only involves impairing preventative defenses, such as firewalls and anti-virus, but also detection capabilities that defenders can use to audit activity and identify malicious behavior. This may also span both native defenses as well as supplemental capabilities installed by users and administrators.

Adversaries could also target event aggregation and analysis mechanisms, or otherwise disrupt these procedures by altering other system components.

[Source]

Sub-Techniques

T1562.001:

WIP

T1562.002: Disable Windows Event Logging


T1562.003: Impair Command History Logging


T1562.004: Disable or Modify System Firewall

T1562.005:

WIP

T1562.006:

WIP

T1562.007:

WIP

T1562.008:

WIP

T1562.009:

WIP
