- Tactics
- Lateral Movement
- Maturity
- demonstrated
- Reference
- atlas.mitre.org/techniques/AML.T0091
Description
Adversaries may use alternate authentication material, such as password hashes, Kerberos tickets, and application access tokens, in order to move laterally within an environment and bypass normal system access controls.
AI services commonly use alternate authentication material as a primary means for users to make queries, making them vulnerable to this technique.
Sub-techniques
How GTK Cyber trains on this
GTK Cyber's hands-on AI security courses cover adversarial-AI techniques across the MITRE ATLAS framework, including the Lateral Movement tactic this technique falls under. Our practitioner-led training is taught by Charles Givre and other field-tested SMEs and focuses on real adversarial scenarios, not slide decks.