Scheduled Task/Job

Attackers use the task scheduling feature to execute malicious code, either as a one-time event or at recurring intervals. Task scheduling is used to achieve persistence by running programs at system startup or on a schedule. It can also allow them to run processes using specific user account contexts, perhaps with elevated privileges.

Tactic

Execution

Tactic_ID

ATA-003

Technique_ID

ATE-037

Severity of Impact

High

Severity of Feasibility

Low

Domain

Automotive

Rail

Manipulate Environment

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Affect Vehicle Function

Impact

Scheduled Task/Job