Data from Configuration Repository (T1602)

View on ATT&CK

In Playbook

Technique & Subtechniques

Associated Tactics

  • Collection

Collection (TA0009)

The adversary is trying to gather data of interest to their goal. Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary's objectives. Frequently, the next goal after collecting data is to either steal (exfiltrate) the data or to use the data to gain more information about the target environment. Common target sources include various drive types, browsers, audio, video, and email. Common collection methods include capturing screenshots and keyboard input.

View on ATT&CK

Procedure Examples

Description Source(s)
Cisco. (2008, June 10). Identifying and Mitigating Exploitation of the SNMP Version 3 Authentication Vulnerabilities. Retrieved October 19, 2020. Cisco Advisory SNMP v3 Authentication Vulnerabilities
US-CERT. (2017, June 5). Reducing the Risk of SNMP Abuse. Retrieved October 19, 2020. US-CERT TA17-156A SNMP Abuse 2017
US-CERT. (2018, April 20). Alert (TA18-106A) Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices. Retrieved October 19, 2020. US-CERT-TA18-106A