T1578: T1578

216.73.216.233

View on MITRE ATT&CK The MITRE Corporation · Published 30/08/2019 20:03 · Modified 01/04/2026 19:27

Essential information

MITRE technique ID: T1578
Confidence: 100/100
Revoked: No
Published: 30/08/2019 20:03
Modified: 01/04/2026 19:27
Author / Source: The MITRE Corporation

Aliases

Modify Cloud Compute Infrastructure

Platforms

IaaS

Description

An adversary may attempt to modify a cloud account's compute service infrastructure to evade defenses. A modification to the compute service infrastructure can include the creation, deletion, or modification of one or more components such as compute instances, virtual machines, and snapshots. Permissions gained from the modification of infrastructure components may bypass restrictions that prevent access to existing infrastructure. Modifying infrastructure components may also allow an adversary to evade detection and remove evidence of their presence.(Citation: Mandiant M-Trends 2020)

Kill chain phases

Kill chain	Phase
mitre-attack	defense-evasion

T1578: T1578

Essential information

Aliases

Platforms

Description

Kill chain phases

Marking (TLP)

External references

T1578: T1578

Essential information

Aliases

Platforms

Description

Kill chain phases

Marking (TLP)

External references

Related entities

Intrusion sets (APT) (10)

Malware (32)

Reports (9)

Vulnerabilities (CVE) (2)

Attack patterns (MITRE) (5)

Course Of Action (2)