Mitigation Limited or Not Effective

From attackics
Jump to navigation Jump to search
Mitigation Limited or Not Effective
Mitigation
ID M0816

Description

This type of attack technique cannot be easily mitigated with preventative controls since it is based on the abuse of system features.


Techniques Addressed by Mitigation

NameUse
Graphical User InterfaceOnce an adversary has access to a remote GUI they can abuse system features, such as required HMI functions.
I/O ImageThis technique may not be effectively mitigated against, consider controls for assets and processes that lead to the use of this technique.
Manipulate I/O ImageThis technique may not be effectively mitigated against, consider controls for assets and processes that lead to the use of this technique.
Monitor Process StateThis type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.
Network Connection EnumerationNetwork connection enumeration is likely obtained by using common system tools (e.g., netstat, ipconfig).
Screen CapturePreventing screen capture on a device may require disabling various system calls supported by the operating systems (e.g., Microsoft WindowsGraphicsCaputer APIs), however, these may be needed for other critical applications.