| ID | Name |
|---|---|
| ATAGS-T1012.001 | Business Relationships |
| ATAGS-T1012.002 | Hardware Recon |
| ATAGS-T1012.003 | Known Vulnerabilities |
| ATAGS-T1012.004 | Software Recon |
Threat actors may gather information relating to the mission's software supply chain in order to facilitate future attacks to achieve data or system compromise. This attack can take place in a number of ways, including manipulation of source code, manipulation of the update and/or distribution mechanism, or replacing compiled versions with a malicious one.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.