TA0010ATT&CK 14.1

TA0010Exfiltration

Description

The adversary is trying to steal data. Exfiltration consists of techniques that adversaries may use to steal data from your network. Once they’ve collected data, adversaries often package it to avoid detection while removing it. This can include compression and encryption. Techniques for getting data out of a target network typically include transferring it over their command and control channel or an alternate channel and may also include putting size limits on the transmission.

Techniques in this tactic· 9

T1011
Exfiltration Over Other Network Medium
T1020
Automated Exfiltration
T1029
Scheduled Transfer
T1030
Data Transfer Size Limits
T1041
Exfiltration Over C2 Channel
T1048
Exfiltration Over Alternative Protocol
T1052
Exfiltration Over Physical Medium
T1537
Transfer Data to Cloud Account
T1567
Exfiltration Over Web Service

Sub-techniques in this tactic· 10

T1011.001T1020.001T1048.001T1048.002T1048.003T1052.001T1567.001T1567.002T1567.003T1567.004

References

  1. https://attack.mitre.org/tactics/TA0010

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Technique
Exfiltration Over C2 Channel
Technique
Automated Exfiltration
Technique
Exfiltration Over Other Network Medium
Sub-technique
Exfiltration Over Unencrypted Non-C2 Protocol
Tactic
Command and Control
Technique
Exfiltration Over Physical Medium
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, Founder at SQUR.