Remote Service Session Hijacking: RDP Hijacking

ID Name
ATAGS-T1163.001 SSH Hijacking
ATAGS-T1163.002 RDP Hijacking

Threat Actors may hijack a legitimate user’s remote desktop session to move laterally within an environment. Remote desktop is a common feature in operating systems. It allows a user to log into an interactive session with a system desktop graphical user interface on a remote system. Microsoft refers to its implementation of the Remote Desktop Protocol (RDP) as Remote Desktop Services (RDS).

ID: ATAGS-T1163.002
Sub-technique of: ATAGS-T1163
Targeted Components: Software
Responsibility: Shared
Created: 18 April 2026
Last Modified: 18 April 2026

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.