Lateral Movement
The adversary is trying to move through your environment.
Technique-ID | Title | Description |
---|---|---|
ATE-065 | Exploitation of Remote Services |
Attackers can exploit vulnerabilities in remote services to move from asset to asset within the vehicle. |
ATE-066 | Remote Services |
Attackers can use various remote services to move from asset to asset within the vehicle. |
ATE-067 | Replication Through Removable Media |
Attackers using physical media, like USB drives, to introduce or propagate malicious software across vehicle systems. This can exploit maintenance or update procedures where removable media is used. |
ATE-068 | Exploit ECU for Lateral Movement |
Refers to the exploitation of an ECU to navigate or spread malicious activities across interconnected systems within a vehicle, potentially compromising multiple functionalities or subsystems. Leveraging vulnerabilities in one ECU can provide attackers with pathways to move laterally, targeting other ECU and escalating their influence over the vehicle's operations. |
ATE-069 | Bridge Vehicle Networks |
Attackers exploit vulnerabilities to move between segregated networks within a vehicle, potentially gaining access to more sensitive or critical systems. For instance, bridging from an infotainment system to a car's braking system or accessing a train's control network from a passenger WiFi system. |