Compromise Infrastructure: Network Devices

Other sub-techniques of Compromise Infrastructure (14)

ID	Name
ATAGS-T1016.001	3rd Party Ground System
ATAGS-T1016.002	3rd-Party Spacecraft
ATAGS-T1016.003	Botnet
ATAGS-T1016.004	Compromise Ground Segment
ATAGS-T1016.005	Compromise Satellite(s)
ATAGS-T1016.006	DNS Server
ATAGS-T1016.007	Domains
ATAGS-T1016.008	Malvertising
ATAGS-T1016.009	Mission-Operated Ground System
ATAGS-T1016.010	Network Devices
ATAGS-T1016.011	Server
ATAGS-T1016.012	Serverless
ATAGS-T1016.013	Virtual Private Server
ATAGS-T1016.014	Web Services

Threat actors may compromise third-party network devices that can be used during targeting. Network devices, such as small office/home office (SOHO) routers, may be compromised where the adversary's ultimate goal is not Initial Access to that environment, but rather to leverage these devices to support additional targeting.

ID: ATAGS-T1016.010

Sub-technique of: ATAGS-T1016

ⓘ

Tactic: Resource Development

ⓘ

Targeted Components: Hardware / Satellite Communication

ⓘ

Responsibility: Provider

Created: 18 April 2026

Last Modified: 18 April 2026

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.