| ID | Name |
|---|---|
| ATAGS-T1167.001 | Archive via Utility |
| ATAGS-T1167.002 | Archive via Library |
| ATAGS-T1167.003 | Archive via Custom Method |
Threat Actors may use utilities to compress and/or encrypt collected data prior to exfiltration. Many utilities include functionalities to compress, encrypt, or otherwise package data into a format that is easier/more secure to transport.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.