Develop Capabilities

Before compromising a victim, adversaries may build in-house capabilities that can be used during targeting. Adversaries may develop capabilities to support their operations throughout numerous phases of the adversary lifecycle.[1][2][3][4][5]

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.

Detection

Much of this activity will take place outside the visibility of the target organization, making detection of this behavior difficult. Detection efforts may be focused on related stages of the adversary lifecycle, such as during Defense Evasion or Command and Control.

References

Attachments

ID
VT0007
MITRE ID
Tactic
Resource Development
Platforms
PRE
Version
1.0

Created: 20 December 2020

Last Modified: 20 December 2020