MITRE ATT&CK / T1030
T1030
Data Transfer Size Limits
Exfiltration
Description
An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.
Platforms
LinuxmacOSWindowsESXi
Mitigations
- M1031 — Network Intrusion Prevention
Look up any technique
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →