cti/pre-attack/attack-pattern/attack-pattern--4aeafdb3-eb0b-4e8e-b93f-95cd499088b4.json

{
    "type": "bundle",
    "id": "bundle--52bc0882-0410-4c90-b750-f23a6b781dcc",
    "spec_version": "2.0",
    "objects": [
        {
            "id": "attack-pattern--4aeafdb3-eb0b-4e8e-b93f-95cd499088b4",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "name": "Compromise of externally facing system",
            "description": "**This technique has been deprecated. Please use [Exploit Public-Facing Application](https://attack.mitre.org/techniques/T1190) and [External Remote Services](https://attack.mitre.org/techniques/T1133) where appropriate.**\n\nExternally facing systems allow connections from outside the network as a normal course of operations.  Externally facing systems may include, but are not limited to, websites, web portals, email, DNS, FTP, VPN concentrators, and boarder routers and firewalls. These systems could be in a demilitarized zone (DMZ) or may be within other parts of the internal environment. (Citation: CylanceOpCleaver) (Citation: DailyTechAntiSec)",
            "external_references": [
                {
                    "source_name": "mitre-pre-attack",
                    "external_id": "T1388",
                    "url": "https://attack.mitre.org/techniques/T1388"
                },
                {
                    "description": "CYLANCE. (n.d.). Operation Cleaver. Retrieved March 6, 2017.",
                    "source_name": "CylanceOpCleaver"
                },
                {
                    "description": "Jason Mick. (2011, July 12). AntiSec Exposes U.S. Soldiers' S/Ns, Passwords, Vows Attack on Monsanto. Retrieved March 9, 2017.",
                    "source_name": "DailyTechAntiSec"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "type": "attack-pattern",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "mitre-pre-attack",
                    "phase_name": "compromise"
                }
            ],
            "modified": "2020-03-30T14:16:12.162Z",
            "created": "2017-12-14T16:46:06.044Z",
            "x_mitre_is_subtechnique": false,
            "x_mitre_old_attack_id": "PRE-T1165",
            "x_mitre_version": "1.0",
            "x_mitre_difficulty_for_adversary_explanation": "DMZ environments are specifically designed to be isolated because one assumes they will ultimately be compromised by the adversary.",
            "x_mitre_difficulty_for_adversary": "Yes",
            "x_mitre_detectable_by_common_defenses_explanation": "Most DMZs are monitored but are also designed so that if they are compromised, the damage/risk is limited.",
            "x_mitre_deprecated": true,
            "x_mitre_detectable_by_common_defenses": "Yes"
        }
    ]
}