Alter the hardware configuration of a system to limit what an adversary can do with the device.
Hardware Manipulation can include physical or configuration changes to the hardware in the environment. This manipulation can include physically removing a system's microphone, camera, on-board Wi-Fi adapter, etc. or using software controls to disable those devices. These types of manipulations can affect the adversary's ability to achieve their operational objectives by incurring an increased resource cost, forcing them to change tactics, or stopping them altogether.
Hardware Manipulation is often required to maintain operational safety. For example, if the operation includes Detonating Malware using a laptop physically located in a shared space, it is likely that the defender will not have the ability to hide the legitimate conversations and individuals present in the space. Unless the defender has the ability to control the background sounds and visuals, it is likely too risky to leave the camera and microphone connected to the machine.
|ATT&CK® Tactics||Adversary Vulnerability Presented|
|Collection||When adversaries rely on specific resources to be enabled, accessible, and/or vulnerable, they are vulnerable to their operations being disrupted if the resources are disabled, removed, or otherwise made invulnerable.|