| ID | Name |
|---|---|
| ATAGS-T1059.001 | At |
| ATAGS-T1059.002 | Container Orchestration Job |
| ATAGS-T1059.003 | Cron |
| ATAGS-T1059.004 | Scheduled Task |
| ATAGS-T1059.005 | Systemd Timers |
Threat actors may abuse the cron utility to perform task scheduling for initial or recurring execution of malicious code. The cron utility is a time-based job scheduler for Unix-like operating systems. The crontab file contains the schedule of cron entries to be run and the specified times for execution. Any crontab files are stored in operating system-specific file paths.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.