Home >
ICS >
Participants >
Microsoft >
Remote System Information Discovery (T0888)
|
|
See technique results for:
TRITON |
||||
Step | ATT&CK Pattern |
|
||
9.C.2
|
Tactic Discovery (TA0102) |
|
||
16.B.2
|
Tactic Discovery (TA0102) |
|
Criteria
Evidence of an adversary initiated Get Attribute Single CIP request for the "Device Type" attribute (instance 0x01, class 0x01) of the control PLC (10.0.100.110).
Criteria
Evidence of an adversary initiated Get Attribute Single CIP request for the "Device Type" attribute (instance 0x01, class 0x01) of the safety PLC (10.0.100.105).