Negatively impact the adversaries operations.
Affect is ultimately about changing the cost-value proposition in cyber operations for the adversary. The defender may want to increase the adversary’s cost to operate or drive down the value they derive from their operations. For example, the defender can negatively impact the adversary’s on-network operations to drive up the resource cost of doing operations by slowing down or selectively resetting connections to impact exfiltration. This type of activity increases the adversary’s time on target and wastes their resources. To drive down the value of stolen data, a defender could provide an adversary deliberately conflicting information. Providing such information requires an adversary to either choose to believe one piece of data over another, disregard both, collect more data, or continue with uncertainty.
All these options increase operational costs and decrease the value of collected data. Engage defines three approaches to make progress towards the Affect goal.
|Prevention||Stop all or part of the adversary's ability to conduct their operation as intended.||EAP0003|
|Direction||Encourage or discourage the adversary from conducting their operation as intended.||EAP0004|
|Disruption||Impair an adversary's ability to conduct their operation as intended.||EAP0005|