T1583.006: Web Services

View on MITRE ATT&CK	T1583.006
Tactic(s)	Resource Development

Data from MITRE ATT&CK®:

Adversaries may register for web services that can be used during targeting. A variety of popular websites exist for adversaries to register for a web-based service that can be abused during later stages of the adversary lifecycle, such as during Command and Control (Web Service), Exfiltration Over Web Service, or Phishing. Using common services, such as those offered by Google or Twitter, makes it easier for adversaries to hide in expected noise. By utilizing a web service, adversaries can make it difficult to physically tie back operations to them.

Cyber Threat Graph Context

Explore how this ATT&CK Technique relates to the wider threat graph

Reporting on this Technique

Report

Evasive Panda leverages Monlam Festival to target Tibetans

This report by researchers at ESET describes a campaign which they attribute to the China-aligned APT Evasive Panda. The report describes a ...

View Source

Mitigations for this technique

MITRE ATT&CK Mitigations

Pre-compromise

This category is used for any applicable mitigation activities that apply to techniques occurring before an adversary gains Initial Access, such as Reconnaissance and Resource Development techniques.

How to detect this technique

MITRE ATT&CK Data Components

Response Content (Internet Scan)

Logged network traffic in response to a scan showing both protocol header and body values