Exfiltration Over Web Service (66768217-acdd-4b52-902f-e29483630ad6)

Adversaries may use an existing, legitimate external Web service to exfiltrate data rather than their primary command and control channel. Popular Web services acting as an exfiltration mechanism may give a significant amount of cover due to the likelihood that hosts within a network are already communicating with them prior to compromise. Firewall rules may also already exist to permit traffic to these services.

Web service providers also commonly use SSL/TLS encryption, giving adversaries an added level of protection.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Exfiltration Over Web Service (66768217-acdd-4b52-902f-e29483630ad6)	Tidal Technique	Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	1
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Scheduled Transfer (ea0557cd-94bc-48cf-9c3b-293c40986464)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (4c34fe8b-ea13-55f9-9a2f-5948e2a2ecca)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (8b6743e7-e856-5772-8b38-2c002602b365)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Exfiltration Over Alternative Protocol (192d25ea-bae1-48e4-88de-e0acd481ab88)	Tidal Technique	2
Exfiltration Over C2 Channel (89203cae-d3f1-4eef-9b5a-29042eb05d19)	Tidal Technique	Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Exfiltration Over Other Network Medium (d8541e2d-6bdd-4ec0-95c4-c0f657502d5f)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Exfiltration Over Physical Medium (36e0e8c0-ed8c-42b5-8bbf-b7cb322bc26f)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Data Transfer Size Limits (dc98c882-8fba-4a10-bc6f-43088edb87af)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Automated Exfiltration (26abc19f-5968-45f1-aa1f-f35863a2f804)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Transfer Data to Cloud Account (ab4f22d6-465f-4a16-8a40-693f2234c4ac)	Tidal Technique	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (38cfe608-a7e3-4e4f-9e2d-6a6ab14946f9)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (848e3552-e89d-4981-a5a5-eaf610e6eb37)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (c2fc2776-e674-46ff-8b8d-ecc90b8b1c26)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (c4a8902a-bb87-4be2-bbaf-c40c9ebcbae1)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (b27b273b-77e7-4243-8b48-a735857c0708)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (f424dade-21f3-4269-9940-ce64d93b97c4)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (ce886c55-17ab-4c1c-90dc-3aa93e69bdb4)	Unknown	2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023)	Tidal Tactic	Private Cluster (27041aa4-13e7-4d84-b1c7-02047beb5534)	Unknown	2