Compromise Software Supply Chain - T1195.002 (bd369cd9-abb8-41ce-b5bb-fff23ee86c00)
Adversaries may manipulate application software prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise of software can take place in a number of ways, including manipulation of the application source code, manipulation of the update/distribution mechanism for that software, or replacing compiled releases with a modified version.
Targeting may be specific to a desired victim set or may be distributed to a broad set of consumers but only move on to additional tactics on specific victims.(Citation: Avast CCleaner3 2018)(Citation: Command Five SK 2011)
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Compromise Software Supply Chain - T1195.002 (bd369cd9-abb8-41ce-b5bb-fff23ee86c00) | Attack Pattern | Supply Chain Compromise - T1195 (3f18edba-28f4-4bb9-82c3-8aa60dcac5f7) | Attack Pattern | 1 |