T1594: Search Victim-Owned Websites
View on MITRE ATT&CK | T1594 |
---|---|
Tactic(s) | Reconnaissance |
Data from MITRE ATT&CK®:
Adversaries may search websites owned by the victim for information that can be used during targeting. Victim-owned websites may contain a variety of details, including names of departments/divisions, physical locations, and data about key employees such as names, roles, and contact info (ex: Email Addresses). These sites may also have details highlighting business operations and relationships.(Citation: Comparitech Leak)
Adversaries may search victim-owned websites to gather actionable information. Information from these sources may reveal opportunities for other forms of reconnaissance (ex: Phishing for Information or Search Open Technical Databases), establishing operational resources (ex: Establish Accounts or Compromise Accounts), and/or initial access (ex: Trusted Relationship or Phishing).
© 2024 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
Cyber Threat Graph Context
Explore how this ATT&CK Technique relates to the wider threat graph
Reporting on this Technique
APT40 Advisory - PRC MSS tradecraft in action
This advisory, authored by the Australian Cyber Security Centre and multiple other international cybersecurity agencies, outlines the threat posed ...
APT41 Has Arisen From the DUST
This report from Mandiant outlines APT41 activity observed since 2023 including successful compromises of logistic, media, technology and ...
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Following an initial advisory issued in May 2023, this advisory from CISA, NSA and partners outlines information on the broader campaign of cyber ...
Mitigations for this technique
MITRE ATT&CK Mitigations