Eliminating MITRE Attacks With Confidential Computing - T1059: Command And Script Interpreter

A person with glasses is programming on a computer with dual monitors displaying code, in an office setting.
Published on
Jun 2, 2022
How do I protect against MITRE Attacks T1059: Command and Script Interpreter? You use Anjuna and Confidential Computing to eliminate the vulnerability of command lines found within the OS.
https://www.anjuna.io/blog/anjuna-eliminates-mitre-attack-t1059

In a recently published white paper, Anjuna Security analyzed the complete MITRE attack matrix and found 77 Mitre attacks that Confidential Computing can instantly eliminate. Through this series of blogs, we will cover in detail the top five critical attacks to be aware of and address how Confidential Computing paired with Anjuna software can abolish these attacks forever!

MITRE Attack T1059: Command and Scripting Interpreter

One of the most prevalent attack techniques used and cataloged within MITRE is T1059: Command and Scripting Interpreter. In this attack, an adversary with access to the scripting language included as part of the operating system (OS), such as Unix Shell, AppleScript, Python, PowerShell, JavaScript, and others, is used as a podium to execute nefarious commands. MITRE has referenced over 20 concrete attacks that employed this approach; two examples recently used for ransomware attacks include the ZeusPanda script and Fivehands ransomware. Once the attacker has command line access or root access, they can abuse those scripting languages as a way to execute commands and create remote execution capabilities; thereby obtaining access to anything that the OS can access.

How to Protect Against MITRE Attack T1059

Your organization can use Anjuna Confidential Computing software to eliminate the vulnerability of command lines found within the OS - essentially removing command line access as an attack vector.

Anjuna provides you with the means to instantly and seamlessly adopt Confidential Computing technology in any environment (on-premises, hybrid, multi-cloud) to protect against the Command and Scripting Interpreter attack. Through the use of attestation, Anjuna ensures that only the intended applications and the intended code can be executed when run in a secure enclave, thereby preventing any bad actors who seek to exploit vulnerabilities using command and script interpreters.

Learn More About Other Attacks!

To learn more about the other 76 attacks that Anjuna Confidential Computing software can protect against and how you can instantly adopt default protection across your entire environment, take a look at the full MITRE white paper below!

Eliminate 77 MITRE Attacks With Anjuna

The next blog in the series will focus on T1554: Compromise Client Software Binary. So be sure to stay tuned!

More like this
Protecting Sensitive Workloads and Key Material with Confidential Computing: Lessons from the Reported Oracle Breach
Protecting Sensitive Workloads and Key Material with Confidential Computing: Lessons from the Reported Oracle Breach
When the People’s Car Data Becomes the Attackers’ Car Data: Anatomy of a Data-in-Use Attack and How to Mitigate it
When the People’s Car Data Becomes the Attackers’ Car Data: Anatomy of a Data-in-Use Attack and How to Mitigate it
Governance, zero trust, and data-in-use: What you need to know about NIST CSF 2.0
Governance, zero trust, and data-in-use: What you need to know about NIST CSF 2.0
Get Started Free with Anjuna Seaglass

Try free for 30 days on AWS, Azure or Google Cloud, and experience the power of intrinsic cloud security.

Start Free
Attacks and Vulnerabilities