Skip to content

Hide Navigation Hide TOC

Disk Wipe (ea2b3980-05fd-41a3-8ab9-3106e833c821)

Adversaries may wipe or corrupt raw disk data on specific systems or in large numbers in a network to interrupt availability to system and network resources. With direct write access to a disk, adversaries may attempt to overwrite portions of disk data. Adversaries may opt to wipe arbitrary portions of disk data and/or wipe disk structures like the master boot record (MBR). A complete wipe of all disk sectors may be attempted.

To maximize impact on the target organization in operations where network-wide availability interruption is the goal, malware used for wiping disks may have worm-like features to propagate across a network by leveraging additional techniques like Valid Accounts, OS Credential Dumping, and SMB/Windows Admin Shares.[Novetta Blockbuster Destructive Malware]

On network devices, adversaries may wipe configuration files and other data from the device using Network Device CLI commands such as erase.[erase_cmd_cisco]

Cluster A Galaxy A Cluster B Galaxy B Level
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Disk Wipe (ea2b3980-05fd-41a3-8ab9-3106e833c821) Tidal Technique 1
Data Destruction (e5016c2b-85fe-4e6b-917d-0dd5b441cc34) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Data Encrypted for Impact (f0c36d24-263c-4811-8784-f716c77ec6b3) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Account Access Removal (847fcc8a-e74d-41e2-9f05-8d79d990cc04) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Financial Theft (b9c9fd13-c10c-5e78-aeeb-ac18dc0605f9) Tidal Technique 2
Firmware Corruption (559c647a-7759-4943-856d-dc717b5a443e) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Data Manipulation (b77f03e8-f7d0-4d0f-8b79-4642d0fe2709) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Defacement (9a21c7c7-cf8e-4f05-b196-86ec39653e3b) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
System Shutdown/Reboot (24787dca-6afd-4ab3-ab6c-32e9486ec418) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (14a944d3-ab95-40d8-b069-ccc4824ef46d) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (66657af9-83f7-4a54-b41b-301bfcdae866) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (26db57d5-ce6f-4487-a8a8-b4af1c4b6406) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (b05b5092-60f8-4324-aee3-7522753439ac) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (49ef3482-7b75-4097-b9a6-6c9cb99d865c) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (d693ca8a-dacf-439e-a16b-5f6b3406a21d) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (2109de05-5b45-4519-94a2-6c04f7d88286) Unknown 2
Inhibit System Recovery (d207c03b-fbe7-420e-a053-339f4650c043) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (3ec6bb34-4134-40c3-8b67-c0aeceae4471) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (66cf4803-aec1-4396-afc1-28bc27dd8b2c) Unknown 2
Resource Hijacking (d10c4a15-aeaa-4630-a7a3-3373c89a584f) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (03619027-8a54-4cb2-8f1d-38d476edbdd8) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (546a3318-0e03-4b22-95f5-c02ff69a4ebf) Unknown 2
Endpoint Denial of Service (8b0caea0-602e-4117-8322-b125150f5c2a) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (70365fab-8531-4a0e-b147-7cabdfdef243) Unknown 2
Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic Private Cluster (761fa7fa-d7e1-4796-85b3-5cd37d55dffa) Unknown 2
Service Stop (e27c5756-f43e-424f-af62-b21e8b304e5d) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2
Network Denial of Service (e6c14a7b-1fb8-4557-83e7-7f5b89717311) Tidal Technique Impact (52c0edbc-ce4d-429a-b1d5-720403e0172f) Tidal Tactic 2