MS-T832 - Automated exfiltration (f4a35b50-b56b-5663-8a84-e2235cee712f)
Attackers may exploit legitimate automation processes, predefined by the compromised organization, with the goal of having their logging traces blend in normally within the company’s typical activities. Assimilating or disguising malicious intentions will keep adversary actions, such as data theft, stealthier.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Automated Exfiltration - T1020 (774a3188-6ba9-4dc4-879d-d54ee48a5ce9) | Attack Pattern | MS-T832 - Automated exfiltration (f4a35b50-b56b-5663-8a84-e2235cee712f) | Threat Matrix for storage services | 1 |