Contact us

      The MITRE AADAPT Framework is a comprehensive cybersecurity model designed to address adversarial actions in digital asset payment technologies. Developed by The MITRE Corporation, AADAPT complements the widely recognised MITRE ATT&CK framework, offering a structured approach to securing blockchain ecosystems, cryptocurrency platforms, and distributed ledger technologies (DLT). This framework empowers organisations to identify, analyse, and mitigate emerging threats targeting digital assets, including smart contracts, consensus algorithms, and cryptographic implementations. With the rapid adoption of crypto ecosystems, adversaries are exploiting vulnerabilities through sophisticated tactics such as resource development, initial access, execution, privilege escalation, defense evasion, credential access, lateral movement, collection, impact, and fraud.

      The report highlights critical attack techniques like channel worm-holing, oracle manipulation, timestamp dependence analysis, Sybil node creation, double-spending attacks, and quantum-efficient factorisation, which pose severe risks to financial integrity and user trust. It also addresses advanced laundering methods such as layering, money mules, tumblers, and peer-to-peer exchanges, which adversaries use to obscure illicit transactions. By mapping these enterprise tactics to actionable mitigation strategies such as enforcing zero-trust frameworks, conducting smart contract audits, implementing quantum-resistant encryption, and deploying behavioral analytics. AADAPT enables proactive defense and regulatory compliance. The framework is highly relevant for financial institutions, crypto exchanges, blockchain developers, and regulators, offering guidance on gap assessments, incident response workflows, and simulation training for red and blue teams. Organisations can leverage AADAPT to strengthen Security Operations Center detection coverage, align security controls with emerging threat vectors, and build resilience against market manipulation schemes like pump-and-dump, wash trading, and whale wall spoofing. As digital asset ecosystems evolve, the AADAPT framework serves as a critical tool for safeguarding crypto transactions, wallet infrastructures, and blockchain governance against adversarial exploits. By adopting AADAPT, organisations can stay ahead of adversaries, protect stakeholder interests, and ensure compliance with legal and regulatory standards in the dynamic world of digital finance.

      Key highlights of the report:

      • Rising cyber threats in digital asset ecosystems

        The rapid growth of blockchain and cryptocurrency platforms has led to an increase in sophisticated adversarial actions targeting digital asset payment technologies. Threat actors exploit vulnerabilities in smart contracts, consensus mechanisms, and cryptographic implementations, posing significant risks to financial integrity and trust

      • Comprehensive MITRE AADAPT framework for defense

        The AADAPT framework provides a structured approach to identify, analyse, and mitigate cyber threats in digital asset systems. It complements MITRE ATT&CK and introduces 11 enterprise tactics, including resource development, initial access, execution, privilege escalation, defense evasion, and fraud, tailored for blockchain environments.

      • Critical attack techniques and risks

        The report highlights advanced attack vectors such as channel worm-holing, oracle manipulation, timestamp dependence analysis, Sybil node creation, double-spending attacks, and quantum-efficient factorisation. These techniques can lead to data leakage, identity compromise, market manipulation, and cryptographic breaches

      • Strategic roadmap for implementation

        The report outlines a phased approach for AADAPT adoption: conduct gap assessments, align SOC detection rules with AADAPT techniques, update playbooks and KPIs, and train teams through tabletop exercises and red team drills. This roadmap ensures proactive defense and regulatory compliance.

      • Collaborative approach for securing digital finance

        Success in mitigating adversarial actions requires coordination among financial institutions, crypto exchanges, regulators, and technology providers. By leveraging AADAPT, stakeholders can strengthen threat intelligence, enhance system design, and maintain trust in the global digital economy.

      Adversarial Actions in Digital Asset Payment Technologies (AADAPT)TM


      MITRETM AADAPTTM Framework: A cyber threat model designed to protect digital asset and crypto ecosystems

      Download the report (1.3 MB)

      Key Contacts

      Kunal Pande
      Kunal Pande

      National Leader - Digital Trust for Financial Services Sector, National Co-Head - Digital Risk and Cyber

      KPMG in India

      Rohan Padhi
      Rohan Padhi

      Partner, National Co-Lead, Digital Risk and Cloud Security

      KPMG in India

      Romharsh Razdan
      Romharsh Razdan

      Partner, Digital Trust

      KPMG in India

      Pratiksha Doshi
      Pratiksha Doshi

      Partner

      KPMG in India

      How can KPMG in India help

      Use cyber security to protect your future
      Read more

      New technologies. Sales channels. Customer experiences. Does your organisation have the confidence and agility to seize these kinds of opportunities, or are cyber threats holding you back?
      Read more

      Transformation driven by data, enabled by digital technology, and led by business initiatives
      Read more

      Access our latest insights on Apple or Android devices

      kpmg-insights-edge-qr