| ID | Name |
|---|---|
| ATAGS-T1093.001 | Environmental Keying |
| ATAGS-T1093.002 | Mutual Exclusion |
Threat Actors may environmentally key payloads or other features of malware to evade defenses and constraint execution to a specific target environment. Environmental keying uses cryptography to constrain execution or actions based on adversary supplied environment specific conditions that are expected to be present on the target. Environmental keying is an implementation of Execution Guardrails that utilizes cryptographic techniques for deriving encryption/decryption keys from specific types of values in a given computing environment.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.