M1003 Lock Bootloader
On devices that provide the capability to unlock the bootloader (hence allowing any operating system code to be flashed onto the device), perform periodic checks to ensure that the bootloader is locked.
| Item | Value |
|---|---|
| ID | M1003 |
| Version | 1.0 |
| Created | 25 October 2017 |
| Last Modified | 17 October 2018 |
| Navigation Layer | View In ATT&CK® Navigator |
Techniques Addressed by Mitigation
| Domain | ID | Name | Use |
|---|---|---|---|
| mobile | T1398 | Boot or Logon Initialization Scripts | A locked bootloader could prevent unauthorized modifications to protected operating system files. |
| mobile | T1645 | Compromise Client Software Binary | A locked bootloader could prevent unauthorized modifications of protected operating system files. |
| mobile | T1458 | Replication Through Removable Media | Users should ensure bootloaders are locked to prevent arbitrary operating system code from being flashed onto the device. |