Batch Job Tampering
highbatch-job-tampering
Attacker modifies batch job definitions, scripts, or execution environment to execute malicious code or access unauthorized resources
TamperingElevation of Privilege
MITRE ATT&CK techniques
| ID | Name | Tactic |
|---|---|---|
| T1059 | Command and Scripting Interpreter | Execution |
| T1053 | Scheduled Task/Job | Persistence |
Common Weakness Enumeration
Mitigating controls
ctrl-batch-1- Implement strict access controls on job definitions
ctrl-batch-2- Use signed and verified container images for jobs
ctrl-batch-3- Monitor job execution for anomalous behavior
ctrl-batch-4- Implement network isolation for batch compute environments
ctrl-batch-5- Use separate IAM roles with least privilege for each job type