Lateral Movement

The adversary is trying to move through your environment.

Domain
Automotive
Rail
Technique-ID Title Description
ATE-065 Exploitation of Remote Services

Attackers can exploit vulnerabilities in remote services to move from asset to asset within the vehicle.

ATE-066 Remote Services

Attackers can use various remote services to move from asset to asset within the vehicle.

ATE-067 Replication Through Removable Media

Attackers using physical media, like USB drives, to introduce or propagate malicious software across vehicle systems. This can exploit maintenance or update procedures where removable media is used.

ATE-068 Exploit ECU for Lateral Movement

Refers to the exploitation of an ECU to navigate or spread malicious activities across interconnected systems within a vehicle, potentially compromising multiple functionalities or subsystems. Leveraging vulnerabilities in one ECU can provide attackers with pathways to move laterally, targeting other ECU and escalating their influence over the vehicle's operations.

ATE-069 Bridge Vehicle Networks

Attackers exploit vulnerabilities to move between segregated networks within a vehicle, potentially gaining access to more sensitive or critical systems. For instance, bridging from an infotainment system to a car's braking system or accessing a train's control network from a passenger WiFi system.