MITRE Launches AADAPT Framework for Financial Systems - Dark Reading

VULNERABILITIES & THREATS CYBER RISK CYBERATTACKS & DATA BREACHES CYBERSECURITY OPERATIONS NEWS Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know. MITRE Launches AADAPT Framework for Financial Systems The new framework is modeled after and meant to complement the MITRE ATT&CK framework, and it is aimed at detecting and responding to cyberattacks on cryptocurrency assets and other financial targets. Kristina Beek,Associate Editor,Dark Reading July 15, 2025 1 Min Read SOURCE: KLAUS_OHLENSCHLAEGER VIA ALAMY STOCK PHOTO NEWS BRIEF MITRE has launched a cybersecurity framework known as Adversarial Actions in Digital Asset Payment Technologies (AADAPT), aiming to address vulnerabilities in digital financial systems. The framework will emulate the structure of the MITRE ATT&CK framework, providing developers, policymakers, and financial organizations with a methodology for identifying and mitigating potential threats associated with digital payments. "Digital payment assets like cryptocurrency are set to transform the future of global finance, but their security challenges cannot be ignored," said Wen Masters, vice president of cyber technologies at MITRE, in announcing the framework. The AADAPT framework aims to address cybercriminals' increased targeting of cryptocurrency, which has become the focus of sophisticated cyber threats such as double-spending attacks, phishing schemes, and ransomware attacks that affect everyone from governments and businesses to individual consumers.  "Smaller organizations, local governments, and municipalities are particularly vulnerable, often lacking the resources to enhance their cybersecurity measures," MITRE noted in the press release addressing the new framework. "AADAPT seeks to address these disparities by providing practical guidance and tools tailored to the unique needs of this financial market segment." The framework uses insights from real-world attacks and observations, and outlines adversary tactics and techniques for digital asset management systems. The AADAPT Matrix is broken up into 11 pieces of the attack chain: Reconnaissance Resource Development Initial Access Execution Privilege Escalation Defense Evasion Credential Access Lateral Movement Collection Impact Fraud Each of the sections has one or more techniques or subtechniques designated to it that have "digital asset relevance." These include everything from channel wormholing and flash loans to siphoning funds and unauthorized cross-chaining swaps. Read more about: News Briefs About the Author Kristina Beek Associate Editor, Dark Reading Kristina Beek is an associate editor at Dark Reading, where she covers a wide range of cybersecurity topics and spearheads video-related content. She is the creator and host of the Heard It From a CISO video series, where she interviews CISOs, directors, and other industry strategists to provide insights into the ever-evolving cybersecurity landscape. In addition to her editorial work, Kristina manages Dark Reading's social media channels and contributes to the platform's video coverage. Kristina graduated from North Carolina State University in 2021 with a degree in Political Science, concentrating in law and justice, and a minor in English. During her time at NC State, she honed her writing skills by contributing opinion pieces to the university's newspaper. After graduation, she began her career as a content editor before joining Dark Reading. Currently based in Washington, DC, you can find Kristina reading, taking walks in Georgetown, and wandering the museums surrounding the National Mall. More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like VULNERABILITIES & THREATS Cheap Hardware Module Bypasses AMD, Intel Memory Encryption by Rob Wright NOV 25, 2025 VULNERABILITIES & THREATS Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs by Jai Vijayan, Contributing Writer NOV 11, 2025 VULNERABILITIES & THREATS AI Agents Fail in Novel Ways, Put Businesses at Risk by Robert Lemos, Contributing Writer MAY 07, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Edge Picks APPLICATION SECURITY AI Agents in Browsers Light on Cybersecurity, Bypass Controls CYBER RISK Browser Extensions Pose Heightened, but Manageable, Security Risks CYBERSECURITY OPERATIONS Video Convos: Agentic AI, Apple, EV Chargers; Cybersecurity Peril Abounds ENDPOINT SECURITY Extension Poisoning Campaign Highlights Gaps in Browser Security Latest Articles in The Edge THREAT INTELLIGENCE Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026 MAR 16, 2026 THREAT INTELLIGENCE The Data Gap: Why Nonprofit Cyber Incidents Go Underreported MAR 13, 2026 CYBER RISK Cyberattackers Don't Care About Good Causes MAR 13, 2026 CYBER RISK What Orgs Can Learn From Olympics, World Cup IR Plans MAR 12, 2026 Read More The Edge Want more Dark Reading stories in your Google search results?