Hybrid Infrastructure Attack

high

hybrid-infrastructure-attack

Attacker exploits hybrid cloud connections to pivot between on-premises and cloud environments or intercept traffic on dedicated connections

TamperingInformation DisclosureElevation of Privilege

MITRE ATT&CK techniques

ID	Name	Tactic
T1199	Trusted Relationship	Initial Access
T1021	Remote Services	Lateral Movement

Common Weakness Enumeration

CWE-668

Mitigating controls

ctrl-hybrid-1: Implement strong authentication for hybrid connections
ctrl-hybrid-2: Encrypt all traffic over dedicated connections
ctrl-hybrid-3: Monitor hybrid connection traffic for anomalies
ctrl-hybrid-4: Implement network segmentation between environments
ctrl-hybrid-5: Use private endpoints and avoid public internet routing

References

https://csrc.nist.gov/pubs/sp/800/207/final