Modify Controller Tasking (T0821)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Modify Controller Tasking

Associated Tactics

  • Execution

Execution (TA0104)

The adversary is trying to run code or manipulate system functions, parameters, and data in an unauthorized way. Execution consists of techniques that result in adversary-controlled code running on a local or remote system, device, or other asset. This execution may also rely on unknowing end users or the manipulation of device operating modes to run. Adversaries may infect remote targets with programmed executables or malicious project files that operate according to specified behavior and may alter expected device behavior in subtle ways. Commands for execution may also be issued from command-line interfaces, APIs, GUIs, or other available interfaces. Techniques that run malicious code may also be paired with techniques from other tactics, particularly to aid network [Discovery](https://attack.mitre.org/tactics/TA0102) and [Collection](https://attack.mitre.org/tactics/TA0100), impact operations, and inhibit response functions.

View on ATT&CK

Procedure Examples

Description Source(s)
IEC 2013, February 20 IEC 61131-3:2013 Programmable controllers - Part 3: Programming languages Retrieved. 2019/10/22 IEC February 2013