Firmware Corruption (T1495)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Firmware Corruption

Associated Tactics

  • Impact

Impact (TA0040)

The adversary is trying to manipulate, interrupt, or destroy your systems and data. Impact consists of techniques that adversaries use to disrupt availability or compromise integrity by manipulating business and operational processes. Techniques used for impact can include destroying or tampering with data. In some cases, business processes can look fine, but may have been altered to benefit the adversaries’ goals. These techniques might be used by adversaries to follow through on their end goal or to provide cover for a confidentiality breach.

View on ATT&CK

Procedure Examples

Description Source(s)
CISA. (2022, April 28). Alert (AA22-057A) Update: Destructive Malware Targeting Organizations in Ukraine. Retrieved July 29, 2022. cisa_malware_orgs_ukraine
U.S. Department of Homeland Security. (2016, August 30). The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations. Retrieved July 29, 2022. dhs_threat_to_net_devices
Upham, K. (2014, March). Going Deep into the BIOS with MITRE Firmware Security Research. Retrieved January 5, 2016. MITRE Trustworthy Firmware Measurement
Yamamura, M. (2002, April 25). W95.CIH. Retrieved April 12, 2019. Symantec Chernobyl W95.CIH