ATLAS Tactic

Persistence - ATLAS Tactic

The adversary is trying to maintain their foothold via AI artifacts or software. Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence often involve leaving behind modified ML artifacts such as poisoned training data or manipulated AI models.

View details Read context

ATLAS Tactic

Record summary

A quick snapshot of what this page covers.

Techniques9Attack methods in this attacker goal.

ATT&CKTA0003Related cybersecurity reference, if available.

DatasetATLASMain public source for this page.

Tactic overview

What attackers may be trying to achieve.

ATLAS ID: AML.TA0006
ATT&CK external ID: TA0003
Technique count: 9

Technique coverage

Attack methods grouped under this attacker goal.

AML.T0080 - AI Agent Context Poisoning

demonstrated

AML.T0099 - AI Agent Tool Data Poisoning

feasible

AML.T0110 - AI Agent Tool Poisoning

realized

AML.T0061 - LLM Prompt Self-Replication

demonstrated

AML.T0018 - Manipulate AI Model

realized

AML.T0081 - Modify AI Agent Configuration

demonstrated

AML.T0020 - Poison Training Data

realized

AML.T0093 - Prompt Infiltration via Public-Facing Application

demonstrated

AML.T0070 - RAG Poisoning

demonstrated

Source

Where this page information comes from.

Original source

Original source links

Open the public records and source datasets used for this page.

Repositoryhttps://github.com/mitre-atlas/atlas-data ATLAS.yamlhttps://github.com/mitre-atlas/atlas-data/blob/main/dist/ATLAS.yaml Schemahttps://github.com/mitre-atlas/atlas-data/blob/main/dist/schemas/atlas_output_schema.json MITRE ATT&CK mappinghttps://attack.mitre.org/tactics/TA0003/