T1573

Encrypted Channel

TA0011Command and Control

Adversaries may employ an encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.

Platforms5

ESXiLinuxmacOSNetwork DevicesWindows

CVEs mapped to this technique

No CVE mappings yet

ATT&CK ↔ CVE mappings come from CTID's open dataset, which currently covers only a fraction of all techniques. Commercial threat-intel feeds would expand this.