Tactics
Mirroring the structure of MITRE ATT&CK, the ESTM™ utilizes “Tactics” to categorize similar techniques based on the adversary’s objective. This aligns with the principle that understanding the “why” behind an attack—the adversary’s tactical goal—is crucial for effective defense.
| ID | Name | Description |
|---|---|---|
| ETAC013 | Reconnaissance | Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that can be used to support targeting a specific device or network for further action. |
| ETAC001 | Initial Access | A Cyber Embedded Tactic in which the adversary is trying to get to gain access to an embedded system or component. |
| ETAC002 | Execution | A Cyber Embedded Tactic in which the adversary is trying to run malicious code on an embedded system or component. |
| ETAC003 | Persistence | A Cyber Embedded Tactic in which the adversary is trying to maintain their foothold on an embedded system or component. |
| ETAC004 | Privilege Escalation | A Cyber Embedded Tactic in which the adversary is trying to gain higher-level permissions on an embedded system or component. |
| ETAC005 | Defense Evasion | A Cyber Embedded Tactic in which the adversary is trying to avoid being detected on an embedded system or component. |
| ETAC006 | Credential Access | A Cyber Embedded Tactic in which the adversary is trying to steal credentials for an embedded system or component. |
| ETAC007 | Discovery | A Cyber Embedded Tactic in which the adversary is trying to map out a system's embedded system or component environment. |
| ETAC008 | Lateral Movement | A Cyber Embedded Tactic in which the adversary is trying to move through an environment via embedded systems or components. |
| ETAC009 | Collection | A Cyber Embedded Tactic in which the adversary is trying to gather data of interest for embedded systems or components. |
| ETAC010 | Command and Control | A Cyber Embedded Tactic in which the adversary is trying to command and control a compromised system via embedded systems or components. |
| ETAC011 | Exfiltration | A Cyber Embedded Tactic in which the adversary is trying to steal data via an embedded system or component. |
| ETAC012 | Impact | A Cyber Embedded Tactic in which the adversary is trying to manipulate, interrupt, disable, damage, or destroy a system, data, and or physical system control processes via an embedded system or component. |