Fake Privilege Boundaries

Goal: Confuse and misdirect attackers by creating the illusion of different privilege levels or access restrictions.

Approach: Presenting attackers with a misleading view of privilege boundaries.

Manipulate system responses or network configurations to create the perception of different privilege levels or access restrictions. This can lead attackers down unproductive paths or reveal their intentions.

Engage Goals: EGO0002 Affect

Engage Approach: EAP0005 Disrupt

Engage Actions: EAC0015 Information Manipulation, EAC0016 Network Manipulation

Name of Element: Fake Privilege Boundaries

Description of Element:

Goal: Confuse and misdirect attackers by creating the illusion of different privilege levels or access restrictions.

Approach: Presenting attackers with a misleading view of privilege boundaries.

Manipulate system responses or network configurations to create the perception of different privilege levels or access restrictions. This can lead attackers down unproductive paths or reveal their intentions.

Technical Context:

This element can involve manipulating file permissions, network segmentation, or even the output of system commands. This aligns with the MITRE ATT&CK technique T1562.001 (Impair Defenses: Disable or Modify Tools).

Other:

Combine this with deceptive error messages or access denied responses to further reinforce the illusion.

Leave a Reply