Common Information
| Type | Value |
|---|---|
| Value |
Business Relationships - T1591.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather information about the victim's business relationships that can be used during targeting. Information about an organization’s business relationships may include a variety of details, including second or third-party organizations/domains (ex: managed service providers, contractors, etc.) that have connected (and potentially elevated) network access. This information may also reveal supply chains and shipment paths for the victim’s hardware and software resources. Adversaries may gather this information in various ways, such as direct elicitation via [Phishing for Information](https://attack.mitre.org/techniques/T1598). Information about business relationships may also be exposed to adversaries via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: ThreatPost Broadvoice Leak) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Phishing for Information](https://attack.mitre.org/techniques/T1598) or [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593)), establishing operational resources (ex: [Establish Accounts](https://attack.mitre.org/techniques/T1585) or [Compromise Accounts](https://attack.mitre.org/techniques/T1586)), and/or initial access (ex: [Supply Chain Compromise](https://attack.mitre.org/techniques/T1195), [Drive-by Compromise](https://attack.mitre.org/techniques/T1189), or [Trusted Relationship](https://attack.mitre.org/techniques/T1199)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2021-09-29 | 9 | Malvertising: Made in China | ||
| Details | Website | 2021-06-07 | 0 | 3 Hot Internet of Things Topics at IoT StreamConf 2015 | ||
| Details | Website | 2020-12-01 | 0 | The Impact of Modern Ransomware on Manufacturing Networks | ||
| Details | Website | 2020-12-01 | 0 | The Impact of Modern Ransomware on Manufacturing Networks | ||
| Details | Website | 2020-11-11 | 0 | 2020 Phishing and Fraud Report | F5 Labs | ||
| Details | Website | 2020-04-15 | 41 | Guidance on the North Korean Cyber Threat | CISA | ||
| Details | Website | 2020-04-08 | 0 | Satellite Companies, ISPs Feeling the Heat from Hackers | NETSCOUT | ||
| Details | Website | 2019-12-04 | 12 | APT review: what the world’s threat actors got up to in 2019 | ||
| Details | Website | 2019-11-11 | 0 | Fight Edge Vendor Sprawl | ||
| Details | Website | 2019-10-04 | 0 | Third-Party Risk Management – 4 Steps for a Successful Program | ||
| Details | Website | 2019-07-10 | 149 | Virus Bulletin :: VB2019 paper: Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation-state adversary | ||
| Details | Website | 2018-11-13 | 7 | How to get a UK IP Address with a VPN for Free [Tested 2023] | ||
| Details | Website | 2018-10-10 | 1 | Thieves and Geeks: Russian and Chinese Hacking Communities | Recorded Future | ||
| Details | Website | 2018-07-25 | 1 | Check Point Software Technologies Reports 2015 First Quarter Financial Results - Check Point Software | ||
| Details | Website | 2018-05-13 | 0 | How to Steal a Million: The Memoirs of a Russian Hacker | ||
| Details | Website | 2018-03-09 | 179 | BAD TRAFFIC: Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads? | ||
| Details | Website | 2016-03-16 | 6 | Rethinking Path Validation: Pt. 2 | ||
| Details | Website | 2013-01-15 | 148 | Planet Blue Coat: Mapping Global Censorship and Surveillance Tools | ||
| Details | Website | 2010-06-21 | 2 | Defenders of the Faith |