Home
ATT&CK Techniques
T1573.001 Symmetric Cryptography

T1573.001 Symmetric Cryptography Mappings

Adversaries may employ a known symmetric encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Symmetric encryption algorithms use the same key for plaintext encryption and ciphertext decryption. Common symmetric encryption algorithms include AES, DES, 3DES, Blowfish, and RC4.

View in MITRE ATT&CK®

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
AC-4	Information Flow Enforcement	Protects	T1573.001	Symmetric Cryptography
CA-7	Continuous Monitoring	Protects	T1573.001	Symmetric Cryptography
CM-2	Baseline Configuration	Protects	T1573.001	Symmetric Cryptography
CM-6	Configuration Settings	Protects	T1573.001	Symmetric Cryptography
CM-7	Least Functionality	Protects	T1573.001	Symmetric Cryptography
SC-12	Cryptographic Key Establishment and Management	Protects	T1573.001	Symmetric Cryptography
SC-16	Transmission of Security and Privacy Attributes	Protects	T1573.001	Symmetric Cryptography
SC-23	Session Authenticity	Protects	T1573.001	Symmetric Cryptography
SC-7	Boundary Protection	Protects	T1573.001	Symmetric Cryptography
SI-3	Malicious Code Protection	Protects	T1573.001	Symmetric Cryptography
SI-4	System Monitoring	Protects	T1573.001	Symmetric Cryptography
action.hacking.variety.Evade Defenses	Modification of the action (rather than the system, as in 'Disable controls') to avoid detection.	related-to	T1573.001	Encrypted Channels: Symmetric Cryptography
action.malware.variety.Backdoor or C2	Malware creates a remote control capability, but it's unclear if it's a backdoor for hacking or C2 for malware. Parent of 'C2' and 'Backdoor'.	related-to	T1573.001	Encrypted Channels: Symmetric Cryptography
action.malware.variety.C2	Malware creates Command and Control capability for malware. Child of 'Backdoor or C2'.	related-to	T1573.001	Encrypted Channels: Symmetric Cryptography