Threat actors may interrupt availability of system and network resources by inhibiting access to accounts utilized by legitimate users. Accounts may be deleted, locked, or manipulated (ex: changed credentials, revoked permissions for SaaS platforms such as Sharepoint) to remove access to accounts. Threat actors may also subsequently log off and/or perform a System Shutdown/Reboot to set malicious changes into place.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.