| ID | Name |
|---|---|
| ATAGS-T1012.001 | Business Relationships |
| ATAGS-T1012.002 | Hardware Recon |
| ATAGS-T1012.003 | Known Vulnerabilities |
| ATAGS-T1012.004 | Software Recon |
Threat actors may gather information about the victim's business relationships that can be used during targeting. Information about an mission’s business relationships may include a variety of details, including second or third-party organizations/domains (ex: managed service providers, contractors/sub-contractors, etc.) that have connected (and potentially elevated) network access or sensitive information. This information may also reveal supply chains and shipment paths for the victim’s hardware and software resources.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.