Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >ATTACK
  3. >Impact
  4. >ATTACK-T1565.002
ATTACK-T1565.002Active

Transmitted Data Manipulation

Statement

Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity, thus threatening the integrity of the data.(Citation: FireEye APT38 Oct 2018)(Citation: DOJ Lazarus Sony 2018) By manipulating transmitted data, adversaries may attempt to affect a business process, organizational understanding, and decision making.

Manipulation may be possible over a network connection or between system processes where there is an opportunity deploy a tool that will intercept and change information. The type of modification and the impact it will have depends on the target transmission mechanism as well as the goals and objectives of the adversary. For complex systems, an adversary would likely need special expertise and possibly access to specialized software related to the system that would typically be gained through a prolonged information gathering campaign in order to have the desired impact.

Location

Tactic
Impact

Technique Details

Identifier
ATTACK-T1565.002
Parent Technique
ATTACK-T1565
ATT&CK Page
View on MITRE

Tactics

Impact

Platforms

LinuxmacOSWindows

Detection

Detection Strategy of Transmitted Data Manipulation

Mitigations

Encrypt Sensitive Information: Protect sensitive information at rest, in transit, and during processing by using strong encryption algorithms. Encryption ensures the confidentiality and integrity of data, preventing unauthorized access or tampering. This mitigation can be implemented through the following measures:

Encrypt Data at Rest:

  • Use Case: Use full-disk encryption or file-level encryption to secure sensitive data stored on devices.
  • Implementation: Implement BitLocker for Windows systems or FileVault for macOS devices to encrypt hard drives.

Encrypt Data in Transit:

  • Use Case: Use secure communication protocols (e.g., TLS, HTTPS) to encrypt sensitive data as it travels over networks.
  • Implementation: Enable HTTPS for all web applications and configure mail servers to enforce STARTTLS for email encryption.

Encrypt Backups:

  • Use Case: Ensure that backup data is encrypted both during storage and transfer to prevent unauthorized access.
  • Implementation: Encrypt cloud backups using AES-256 before uploading them to Amazon S3 or Google Cloud.

Encrypt Application Secrets:

  • Use Case: Store sensitive credentials, API keys, and configuration files in encrypted vaults.
  • Implementation: Use HashiCorp Vault or AWS Secrets Manager to manage and encrypt secrets.

Database Encryption:

  • Use Case: Enable Transparent Data Encryption (TDE) or column-level encryption in database management systems.
  • Implementation: Use MySQL’s built-in encryption features to encrypt sensitive database fields such as social security numbers.
SP 800-53
SP800-53-AC-16relatedvia ctid-attack-to-sp800-53
SP800-53-AC-17relatedvia ctid-attack-to-sp800-53
SP800-53-AC-18relatedvia ctid-attack-to-sp800-53
SP800-53-AC-19relatedvia ctid-attack-to-sp800-53
SP800-53-AC-20relatedvia ctid-attack-to-sp800-53
View in graphReport an issue
← Back to Impact
Impact33 controls
ATTACK-T1485Data DestructionATTACK-T1485.001Lifecycle-Triggered DeletionATTACK-T1486Data Encrypted for ImpactATTACK-T1489Service StopATTACK-T1490Inhibit System RecoveryATTACK-T1491DefacementATTACK-T1491.001Internal DefacementATTACK-T1491.002External DefacementATTACK-T1495Firmware CorruptionATTACK-T1496Resource HijackingATTACK-T1496.001Compute HijackingATTACK-T1496.002Bandwidth HijackingATTACK-T1496.003SMS PumpingATTACK-T1496.004Cloud Service HijackingATTACK-T1498Network Denial of ServiceATTACK-T1498.001Direct Network FloodATTACK-T1498.002Reflection AmplificationATTACK-T1499Endpoint Denial of ServiceATTACK-T1499.001OS Exhaustion FloodATTACK-T1499.002Service Exhaustion FloodATTACK-T1499.003Application Exhaustion FloodATTACK-T1499.004Application or System ExploitationATTACK-T1529System Shutdown/RebootATTACK-T1531Account Access RemovalATTACK-T1561Disk WipeATTACK-T1561.001Disk Content WipeATTACK-T1561.002Disk Structure WipeATTACK-T1565Data ManipulationATTACK-T1565.001Stored Data ManipulationATTACK-T1565.002Transmitted Data ManipulationATTACK-T1565.003Runtime Data ManipulationATTACK-T1657Financial TheftATTACK-T1667Email Bombing