1. Home
  2. Techniques
  3. Enterprise
  4. Compromise Infrastructure

Compromise Infrastructure

ID Name
ATAGS-T1016.001 3rd Party Ground System
ATAGS-T1016.002 3rd-Party Spacecraft
ATAGS-T1016.003 Botnet
ATAGS-T1016.004 Compromise Ground Segment
ATAGS-T1016.005 Compromise Satellite(s)
ATAGS-T1016.006 DNS Server
ATAGS-T1016.007 Domains
ATAGS-T1016.008 Malvertising
ATAGS-T1016.009 Mission-Operated Ground System
ATAGS-T1016.010 Network Devices
ATAGS-T1016.011 Server
ATAGS-T1016.012 Serverless
ATAGS-T1016.013 Virtual Private Server
ATAGS-T1016.014 Web Services

Threat actors may compromise third-party infrastructure that can be used for future campaigns or to perpetuate other techniques. Infrastructure solutions include physical devices such as antenna, amplifiers, and convertors, as well as software used by satellite communicators. Instead of buying or renting infrastructure, a threat actor may compromise infrastructure and use it during other phases of the campaign's lifecycle.

ID: ATAGS-T1016
Sub-techniques:  ATAGS-T1016.001, ATAGS-T1016.002, ATAGS-T1016.003, ATAGS-T1016.004, ATAGS-T1016.005, ATAGS-T1016.006, ATAGS-T1016.007, ATAGS-T1016.008, ATAGS-T1016.009, ATAGS-T1016.010, ATAGS-T1016.011, ATAGS-T1016.012, ATAGS-T1016.013, ATAGS-T1016.014
Tactic: Resource Development
Targeted Components: Hardware / Satellite Communication
Responsibility: Provider
Created: 18 April 2026
Last Modified: 18 April 2026

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.