System Shutdown/Reboot (24787dca-6afd-4ab3-ab6c-32e9486ec418)

Adversaries may shutdown/reboot systems to interrupt access to, or aid in the destruction of, those systems. Operating systems may contain commands to initiate a shutdown/reboot of a machine or network device. In some cases, these commands may also be used to initiate a shutdown/reboot of a remote computer or network device via Network Device CLI (e.g. reload).^{[Microsoft Shutdown Oct 2017]}^{[alert_TA18_106A]}

Shutting down or rebooting systems may disrupt access to computer resources for legitimate users while also impeding incident response/recovery.

Adversaries may attempt to shutdown/reboot a system after impacting it in other ways, such as Disk Structure Wipe or Inhibit System Recovery, to hasten the intended effects on system availability.^{[Talos Nyetya June 2017]}^{[Talos Olympic Destroyer 2018]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
System Shutdown/Reboot (24787dca-6afd-4ab3-ab6c-32e9486ec418)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	1
Data Destruction (e5016c2b-85fe-4e6b-917d-0dd5b441cc34)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Data Encrypted for Impact (f0c36d24-263c-4811-8784-f716c77ec6b3)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Account Access Removal (847fcc8a-e74d-41e2-9f05-8d79d990cc04)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Financial Theft (b9c9fd13-c10c-5e78-aeeb-ac18dc0605f9)	Tidal Technique	2
Firmware Corruption (559c647a-7759-4943-856d-dc717b5a443e)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Data Manipulation (b77f03e8-f7d0-4d0f-8b79-4642d0fe2709)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Defacement (9a21c7c7-cf8e-4f05-b196-86ec39653e3b)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (14a944d3-ab95-40d8-b069-ccc4824ef46d)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (66657af9-83f7-4a54-b41b-301bfcdae866)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (26db57d5-ce6f-4487-a8a8-b4af1c4b6406)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (b05b5092-60f8-4324-aee3-7522753439ac)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (49ef3482-7b75-4097-b9a6-6c9cb99d865c)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Disk Wipe (ea2b3980-05fd-41a3-8ab9-3106e833c821)	Tidal Technique	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (d693ca8a-dacf-439e-a16b-5f6b3406a21d)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (2109de05-5b45-4519-94a2-6c04f7d88286)	Unknown	2
Inhibit System Recovery (d207c03b-fbe7-420e-a053-339f4650c043)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (3ec6bb34-4134-40c3-8b67-c0aeceae4471)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (66cf4803-aec1-4396-afc1-28bc27dd8b2c)	Unknown	2
Resource Hijacking (d10c4a15-aeaa-4630-a7a3-3373c89a584f)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (03619027-8a54-4cb2-8f1d-38d476edbdd8)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (546a3318-0e03-4b22-95f5-c02ff69a4ebf)	Unknown	2
Endpoint Denial of Service (8b0caea0-602e-4117-8322-b125150f5c2a)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (70365fab-8531-4a0e-b147-7cabdfdef243)	Unknown	2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	Private Cluster (761fa7fa-d7e1-4796-85b3-5cd37d55dffa)	Unknown	2
Service Stop (e27c5756-f43e-424f-af62-b21e8b304e5d)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2
Network Denial of Service (e6c14a7b-1fb8-4557-83e7-7f5b89717311)	Tidal Technique	Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f)	Tidal Tactic	2