We welcome your feedback about MITRE Engage™ v0.9 Beta: Email us at engage@mitre.org

Reassurance

Add authenticity to deceptive components to convince an adversary that an environment is real.

Reassurance is used to add authenticity to deceptive components to reduce adversary suspicion about the legitimacy of the environment. Activities include adding realistic user accounts, files, system activity, and any other content that an adversary might expect to find on the system. Reassurance may add new artifacts, such as peripherals and pocket litter, while concealing others, such as how recently an environment was stood up. If done correctly, Reassurance may help to make an adversary feel more comfortable upon landing in a new environment. This initial level of comfort can help anchor the adversary in the environment, increasing their tolerance to faults or weaknesses discovered later.

Details
ID: EAP0006
Type:  Engagement
Goals:  Elicit

Activities

Activity NameDescriptionID
Application Diversity Present the adversary with a variety of installed applications and services. EAC0006
Artifact Diversity Present the adversary with a variety of network and system artifacts. EAC0022
Burn-In Exercise a target system in a manner where it will generate desirable system artifacts. EAC0008
Email Manipulation Modify the flow of email in the environment. EAC0009
Information Manipulation Conceal and reveal both facts and fictions to support a deception story EAC0015
Network Diversity Use a diverse set of devices on the network to help establish the legitimacy of a decoy network. EAC0007
Peripheral Management Manage peripheral devices used on systems within the network for engagement purposes. EAC0010
Pocket Litter Place data on a system to reinforce the legitimacy of the system or user. EAC0011