Cервис управления информационной безопасностью
Cервис управления информационной безопасностью
Поиск
Вход Регистрация
MITRE ATT&CK - Контрмера Out-of-Band Communications Channel
Риски
Каталоги
MITRE ATT&CK
Контрмеры
Out-of-Band Communications Cha...
Куда я попал?
SECURITM это SGRC система, ? автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.
Подробнее
Наш канал

Out-of-Band Communications Channel

Establish secure out-of-band communication channels to ensure the continuity of critical communications during security incidents, data integrity attacks, or in-network communication failures. Out-of-band communication refers to using an alternative, separate communication path that is not dependent on the potentially compromised primary network infrastructure. This method can include secure messaging apps, encrypted phone lines, satellite communications, or dedicated emergency communication systems. Leveraging these alternative channels reduces the risk of adversaries intercepting, disrupting, or tampering with sensitive communications and helps coordinate an effective incident response.(Citation: TrustedSec OOB Communications)(Citation: NIST Special Publication 800-53 Revision 5)
ID: M1060
Version: 1.0
Created: 30 Aug 2024
Last Modified: 12 Oct 2024

Techniques Addressed by Mitigation
Domain ID Name Use
Enterprise T1213 Data from Information Repositories

Create plans for leveraging a secure out-of-band communications channel, rather than existing in-network chat applications, in case of a security incident.(Citation: TrustedSec OOB Communications)

T1213.005 Messaging Applications

Implement secure out-of-band communication channels to use as an alternative to in-network chat applications during a security incident. This ensures that critical communications remain secure even if primary messaging channels are compromised by adversaries.(Citation: TrustedSec OOB Communications)

Enterprise T1489 Service Stop

Develop and enforce security policies that include the use of out-of-band communication channels for critical communications during a security incident.(Citation: TrustedSec OOB Communications)

Enterprise T1114 Email Collection

Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. For highly sensitive information, utilize out-of-band communication channels instead of relying solely on email to prevent adversaries from collecting data through compromised email accounts.(Citation: TrustedSec OOB Communications)

T1114.001 Local Email Collection

Implement secure out-of-band alerts to notify security teams of unusual local email activities, such as mass forwarding or large attachments being sent, indicating potential data exfiltration attempts.(Citation: TrustedSec OOB Communications)

T1114.002 Remote Email Collection

Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. For highly sensitive information, utilize out-of-band communication channels instead of relying solely on email. This reduces the risk of sensitive data being collected through compromised email accounts. Set up out-of-band alerts to notify security teams of unusual email activities, such as mass forwarding or large attachments being sent, which could indicate email collection attempts. Create plans for leveraging a secure out-of-band communications channel, rather than an existing in-network email server, in case of a security incident.(Citation: TrustedSec OOB Communications)

T1114.003 Email Forwarding Rule

Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. For highly sensitive information, utilize out-of-band communication channels instead of relying solely on email. This reduces the risk of sensitive data being collected through compromised email accounts. Set up out-of-band alerts to notify security teams of unusual email activities, such as mass forwarding or large attachments being sent, which could indicate email collection attempts. Create plans for leveraging a secure out-of-band communications channel, rather than an existing in-network email server, in case of a security incident.(Citation: TrustedSec OOB Communications)

References

  1. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  2. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  3. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  4. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  5. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  6. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  7. National Institute of Standards and Technology. (2020, September). Security and Privacy Controlsfor Information Systems and Organizations. Retrieved August 30, 2024.
  8. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  9. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  10. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  11. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  12. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  13. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
  14. Tyler Hudak. (2022, December 29). To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response. Retrieved August 30, 2024.
Навигация

Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.