← Back to ATLAS MatrixTactic 3 of 15

Initial Access

The adversary is trying to get into your AI system.

3 Techniques

MITRE ATLAS Framework

Attack Techniques

Explore the specific techniques adversaries use during the initial access phase of AI attacks.

1

AML.T0010

Exploit Public-Facing Application

Adversaries may exploit public-facing applications to gain initial access to AI systems.

Examples:

•Exploiting AI model APIs
•Attacking AI web interfaces
•Compromising AI service endpoints

Mitigations:

✓Regular security testing
✓Input validation
✓API security controls

References:

MITRE ATLAS AML.T0010

2

AML.T0012

External Remote Services

Adversaries may use external remote services to gain initial access to AI systems.

Examples:

•Using VPN services
•Leveraging cloud access
•Exploiting remote desktop services

Mitigations:

✓Multi-factor authentication
✓Network segmentation
✓Access monitoring

References:

MITRE ATLAS AML.T0012

3

AML.T0015

Hardware Additions

Adversaries may add hardware to gain initial access to AI systems.

Examples:

•Adding malicious hardware
•Installing rogue devices
•Compromising physical infrastructure

Mitigations:

✓Physical security controls
✓Hardware inventory management
✓Regular physical audits

References:

MITRE ATLAS AML.T0015

← Resource Development ATLAS Matrix AI Model Access →