| ID | Name |
|---|---|
| ATAGS-T1163.001 | SSH Hijacking |
| ATAGS-T1163.002 | RDP Hijacking |
Threat Actors may hijack a legitimate user's SSH session to move laterally within an environment. Secure Shell (SSH) is a standard means of remote access on Linux and macOS systems. It allows a user to connect to another system via an encrypted tunnel, commonly authenticating through a password, certificate or the use of an asymmetric encryption key pair.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.