| ID | Name |
|---|---|
| ATAGS-T1194.001 | IDE Tunneling |
| ATAGS-T1194.002 | Remote Desktop Software |
| ATAGS-T1194.003 | Remote Access Hardware |
Threat Actors may use legitimate remote access hardware to establish an interactive command and control channel to target systems within networks. These services, including IP-based keyboard, video, or mouse (KVM) devices such as TinyPilot and PiKVM, are commonly used as legitimate tools and may be allowed by peripheral device policies within a target environment.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.