T1573 Encrypted Channel Mappings

Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.

View in MITRE ATT&CK®

NIST 800-53 Mappings

Azure Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
azure_sentinel Azure Sentinel technique_scores T1573 Encrypted Channel
Comments
This control provides minimal coverage for one sub-technique of this technique, resulting in an overall coverage score of Minimal.
References

ATT&CK Subtechniques

Technique ID Technique Name Number of Mappings
T1573.002 Asymmetric Cryptography 12
T1573.001 Symmetric Cryptography 11