CSPM EDP Sciences logo
Submit your paper
Search
Menu
All issues Volume 4 (2025) Security and Safety, 4 (2025) 2025003 Full HTML

Table 1.

Techniques used by adversary in ATT&CK model

ID Technique Name Adversary Behaviour
T1590 Gather Victim Network Information Collect the information of the banking network.
T1595.002 Vulnerability Scanning Perform vulnerability scan on credit card processing system.
T1592 Gather Victim Host Information Collect the information of the credit card processing system and online shopping system.
T1597.002 Purchase Technical Data Purchase technical information about routers deployed in the target bank from the supplier.
T1586 Compromise Accounts Bring active credit card numbers and consumer identities from the black market.
T1587.004 Exploits Develop vulnerability exploitation malicious code against the routers, credit card processing system, and the online shopping systems.
T1133 External Remote Services Leverage external-facing remote services to initially access, exploite the vulnerability to pre-implant malicious code and persist in the routers.
T1190 Exploit Public-Facing Application Exploit the corresponding vulnerabilities in the credit card processing system and the online shopping system to initially access these hosts and pre-implant malicious code in them.
T1203 Exploitation for Client Execution Make the online shopping system unable to check the illegal payments.
T1489 Service Stop Make the routers down and disrupts the network, and paralyze the credit card processing system.
T1490 Inhibit System Recovery Continually re-insert exploit code into the routers’ recovered systems.
T1059 Command and Scripting Interpreter Trigger the credit card processing system malicious code.
T1078 Valid Accounts Launch fraudulent on-line transactions using a large number of illegally obtained valid credit card accounts.

Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.

Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.

Initial download of the metrics may take a while.