Skip to content

Automated exfiltration


ID: MS-T832
Tactic: Defense Evasion
MITRE technique: T1020

Attackers may exploit legitimate automation processes, predefined by the compromised organization, with the goal of having their logging traces blend in normally within the company’s typical activities. Assimilating or disguising malicious intentions will keep adversary actions, such as data theft, stealthier.