| ID | Name |
|---|---|
| ATAGS-T1054.001 | Bootkit |
| ATAGS-T1054.002 | Ransomware |
| ATAGS-T1054.003 | Rootkit |
| ATAGS-T1054.004 | Wiper Malware |
Threat actors may use bootkits to persist on systems and evade detection. Bootkits reside at a layer below the operating system and may make it difficult to perform full remediation unless an organization suspects one was used and can act accordingly.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.