December 10, 2023

MITRE has released ATT&CK v14, which includes enhanced detection guidance for many techniques, expanded scope for Enterprise and Mobile, ICS assets, and Mobile structured detections.

The latest version of MITRE ATT&CK contains 760 pieces of software, 143 groups, and 24 campaigns. Broken out by domain:

- Enterprise: 201 techniques, 424 sub-techniques, 141 groups, 648 pieces of software, 23 campaigns, 43 mitigations, and 109 data sources
- Mobile: 72 techniques, 42 sub-techniques, 8 groups, 108 pieces of software, 1 campaign, 12 mitigations, and 15 data sources
- ICS: 81 techniques, 13 groups, 21 pieces of software, 52 mitigations, 3 campaigns, 14 assets, and 34 data sources

ATT&CK v14 enables enhanced relationships between detections, data sources, and mitigations. This release includes updated technique alignments to data sources and mitigations, better reflecting the most effective defensive measures for the impacted techniques.

ATT&CK v14 features 14 inaugural assets, representing the primary functional components of the systems associated with the ICS domain. These asset pages include in-depth definitions, meticulous mappings to techniques, and a list of related assets. The primary goals for assets are to provide a common language for inter-sector communication and to empower underrepresented sectors to leverage ATT&CK mappings, fostering meaningful communication about risks and threats.

Alongside Enterprise's modest increase in scope, Mobile has expanded its coverage to include Phishing, which encompasses phishing attempts through vectors including SMS messaging (smishing), Quick Response (QR) codes (quishing), and phone calls (vishing).

Mobile phishing features a new mitigation (M1058: Antivirus/Antimalware) to enhance anti-virus and malware defenses. This release also adds Mobile structured detections, which let you see explicitly the required inputs (Data Sources) for each detection, along with how to analyze the data to identify a specific technique (detection). Structured detections are part of the ongoing endeavor to bring Mobile to parity with Enterprise.

MITRE also refined the navigation bar of the ATT&CK website, streamlining its structure and content to enhance the user experience and overall ease of navigation, with a bar that strikes a balance between necessary links and user needs. The updated navigation bar features a single dynamic menu display, with access to secondary links (most previously featured on the primary bar) in associated dropdown menus.
