Added data related to Dragos Adverseries

Dennis Rand 2018-05-15 12:06:48 +00:00
parent f0cb93c4af
commit 1ab4e4f4cf


@ -1891,7 +1891,8 @@
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/blog/crashoverride/CrashOverride-01.pdf", "https://dragos.com/blog/crashoverride/CrashOverride-01.pdf",
"https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf" "https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"synonyms": [ "synonyms": [
"Sandworm" "Sandworm"
@ -2551,7 +2552,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/blog/20180510Allanite.html"
], ],
"mode-of-operation": "Watering-hole and phishing leading to ICS recon and screenshot collection", "mode-of-operation": "Watering-hole and phishing leading to ICS recon and screenshot collection",
"since": "2017", "since": "2017",
@ -2568,7 +2570,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"mode-of-operation": "IT compromise, information gathering and recon against industrial orgs", "mode-of-operation": "IT compromise, information gathering and recon against industrial orgs",
"since": "2017", "since": "2017",
@ -2586,7 +2589,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"mode-of-operation": "IT compromise with hardened anti-analysis malware against industrial orgs", "mode-of-operation": "IT compromise with hardened anti-analysis malware against industrial orgs",
"since": "2017", "since": "2017",
@ -2604,7 +2608,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"mode-of-operation": "Deep ICS environment information gathering, operator credentials, industrial process details", "mode-of-operation": "Deep ICS environment information gathering, operator credentials, industrial process details",
"since": "2016", "since": "2016",
@ -2622,7 +2627,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"mode-of-operation": "Electric grid disruption and long-term persistence", "mode-of-operation": "Electric grid disruption and long-term persistence",
"since": "2016", "since": "2016",
@ -2639,7 +2645,8 @@
"description": "Adversaries abusing ICS (based on Dragos Inc adversary list).", "description": "Adversaries abusing ICS (based on Dragos Inc adversary list).",
"meta": { "meta": {
"refs": [ "refs": [
"https://dragos.com/adversaries.html" "https://dragos.com/adversaries.html",
"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"
], ],
"mode-of-operation": "IT network limited, information gathering against industrial orgs", "mode-of-operation": "IT network limited, information gathering against industrial orgs",
"since": "2016", "since": "2016",
@ -2689,5 +2696,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 39 "version": 40
} }
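Review bot: The reference `"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf"` is added unchanged to the first hunk and to the six hunks from -2568 to -2639, so a consumer of the cluster cannot tell which part of the report supports which adversary entry. Where the report has a section per adversary, a page fragment would make each attribution checkable, for example `"https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf#page=<PAGE_PLACEHOLDER>"`. Both new URLs are vendor-hosted and can move or change, so if `refs` takes any URL, an archived snapshot listed next to the live link would keep the source verifiable. The enclosing entry objects start and end outside the hunks, so the adversary names themselves are not visible here.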