EXPLORE
← Back to Explore
T1537

Transfer Data to Cloud Account

Adversaries may exfiltrate data by transferring the data, including through sharing/syncing and creating backups of cloud environments, to another cloud account they control on the same service. A defender who is monitoring for large transfers to outside the cloud environment through normal file transfers or over command and control channels may not be watching for data transfers to another account within the same cloud provider. Such transfers may utilize existing cloud provider APIs and the i...

IaaSOffice SuiteSaaS
27
Detections
3
Sources
3
Threat Actors

BY SOURCE

14elastic7splunk_escu6sigma

PROCEDURES (18)

Aws2 detections

Auto-extracted: 2 detections for aws

Cloud2 detections

Auto-extracted: 2 detections for cloud

C22 detections

Auto-extracted: 2 detections for c2

General Monitoring2 detections

Auto-extracted: 2 detections for general monitoring

Exfiltrat2 detections

Auto-extracted: 2 detections for exfiltrat

Persist2 detections

Auto-extracted: 2 detections for persist

Tamper1 detections

Auto-extracted: 1 detections for tamper

Container1 detections

Auto-extracted: 1 detections for container

Credential1 detections

Auto-extracted: 1 detections for credential

Container1 detections

Auto-extracted: 1 detections for container

Exfiltrat1 detections

Auto-extracted: 1 detections for exfiltrat

Exfiltrat1 detections

Auto-extracted: 1 detections for exfiltrat

Exfiltrat1 detections

Auto-extracted: 1 detections for exfiltrat

Api1 detections

Auto-extracted: 1 detections for api

Credential1 detections

Auto-extracted: 1 detections for credential

Cloud Monitoring1 detections

Auto-extracted: 1 detections for cloud monitoring

Service1 detections

Auto-extracted: 1 detections for service

C21 detections

Auto-extracted: 1 detections for c2

DETECTIONS (27)