Impact (15 techniques)
Manipulating, interrupting, or destroying systems and data.
The Impact tactic groups MITRE ATT&CK techniques used by adversaries tomanipulating, interrupting, or destroying systems and data. Each technique below has its own page with detection guidance, platforms, and sub-techniques.
- T1485 — Data DestructionContainers, ESXi, IaaS, Linux, macOS, Windows
- T1486 — Data Encrypted for ImpactESXi, IaaS, Linux, macOS, Windows
- T1489 — Service StopESXi, IaaS, Linux, macOS, Windows
- T1490 — Inhibit System RecoveryContainers, ESXi, IaaS, Linux, macOS, Network Devices, Windows
- T1491 — DefacementWindows, IaaS, Linux, macOS, ESXi
- T1495 — Firmware CorruptionLinux, macOS, Network Devices, Windows
- T1496 — Resource HijackingWindows, IaaS, Linux, macOS, Containers, SaaS
- T1498 — Network Denial of ServiceWindows, IaaS, Linux, macOS, Containers
- T1499 — Endpoint Denial of ServiceWindows, Linux, macOS, Containers, IaaS
- T1529 — System Shutdown/RebootESXi, Linux, macOS, Network Devices, Windows
- T1531 — Account Access RemovalLinux, macOS, Windows, SaaS, IaaS, Office Suite, ESXi
- T1561 — Disk WipeLinux, macOS, Windows, Network Devices
- T1565 — Data ManipulationLinux, macOS, Windows
- T1657 — Financial TheftLinux, macOS, Office Suite, SaaS, Windows
- T1667 — Email BombingLinux, Office Suite, Windows, macOS
Detection engineering training, taught by practitioners.
Learn how to build real detections across the MITRE ATT&CK framework.
View Courses