- Tactics
- Initial Access , Privilege Escalation
- Maturity
- realized
- Reference
- atlas.mitre.org/techniques/AML.T0012
Description
Adversaries may obtain and abuse credentials of existing accounts as a means of gaining Initial Access. Credentials may take the form of usernames and passwords of individual user accounts or API keys that provide access to various AI resources and services.
Compromised credentials may provide access to additional AI artifacts and allow the adversary to perform Discover AI Artifacts. Compromised credentials may also grant an adversary increased privileges such as write access to AI artifacts used during development or production.
How GTK Cyber trains on this
GTK Cyber's hands-on AI security courses cover adversarial-AI techniques across the MITRE ATLAS framework, including the Initial Access, Privilege Escalation tactic this technique falls under. Our practitioner-led training is taught by Charles Givre and other field-tested SMEs and focuses on real adversarial scenarios, not slide decks.
Related techniques
- AML.T0010 — AI Supply Chain Compromise
- AML.T0015 — Evade AI Model
- AML.T0049 — Exploit Public-Facing Application
- AML.T0052 — Phishing
- AML.T0053 — AI Agent Tool Invocation
- AML.T0054 — LLM Jailbreak
- AML.T0078 — Drive-by Compromise
- AML.T0093 — Prompt Infiltration via Public-Facing Application
- AML.T0105 — Escape to Host