{"description": "ICS techniques mitigated by Mitigation Limited or Not Effective, ATT&CK mitigation M0816 (v1.0)", "name": "Mitigation Limited or Not Effective (M0816)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0823", "comment": "Once an adversary has access to a remote GUI they can abuse system features, such as required HMI functions.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0877", "comment": "This technique may not be effectively mitigated against, consider controls for assets and processes that lead to the use of this technique.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0835", "comment": "This technique may not be effectively mitigated against, consider controls for assets and processes that lead to the use of this technique.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0801", "comment": "This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0840", "comment": "Network connection enumeration is likely obtained by using common system tools (e.g., netstat, ipconfig).\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0852", "comment": "Preventing screen capture on a device may require disabling various system calls supported by the operating systems (e.g., Microsoft WindowsGraphicsCaputer APIs), however, these may be needed for other critical applications.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Mitigation Limited or Not Effective", "color": "#66b1ff"}]}