Skip to content
Sara-Jayne Terp edited this page Jul 29, 2019 · 1 revision

What AMITT is and where to find it

AMITT (Adversarial Misinformation and Influence Tactics and Techniques) is a framework designed for rapidly describing and understanding disinformation incidents. AMITT is part of misinfosec - work on adapting information security (infosec) practices to help track and counter misinformation, and is designed as far as possible to fit existing infosec practices and tools.

AMITT's style is based on the MITRE ATT&CK framework; we're working on generating STIX templates for all its objects so AMITT messages can be passed between ISAOs and similar bodies using infosec transport standards like TAXII.

AMITT is a living standard - the current model was built from an analysis of 22 incidents; the techniques listed in it are a subset of the ones used in misinformation incidents. The model will evolve as it’s tested and used - there’s still refinement work to be done, learnings from testing, name changes as techniques become familiar to researchers and responders, etc.

The latest version of AMITT is held in the Github repository