Monitoring systems are expected to generate traffic, but it a malicious actor were to change alerts that were being fired at an API which charged per requests or generate large volumes of metric data which would then need to be stored and processed, or even triggering resource scaling, this would cause an increase in cloud bill.
Management / Monitoring / Threats / DEV
Cost Exhaustion Through Tampered Alerts or Metrics Collection
CCC.Monitor.TH06
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Monitoring.CP01 | CCC.Monitoring.CP01 | |
| CCC.Monitoring.CP11 | CCC.Monitoring.CP11 |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Monitor.CN02 | Rate Limiting on Metric Generation | Prevent Malicious Actor or misconfiguration from flooding services with metric data. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| MITRE-ATT&CK | T1565 | Data Manipulation |