Question 1

What is T1573.001 — Symmetric Cryptography?

Accepted Answer

Adversaries may employ a known symmetric encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Symmetric encryption algorithms use the same key for plaintext encryption and ciphertext decryption.

Question 2

What is the authoritative source for T1573.001?

Accepted Answer

Symmetric Cryptography (T1573.001) is catalogued in MITRE ATT&CK Enterprise and curated for EU compliance use cases by SQUR.

Question 3

Which ATT&CK tactics does T1573.001 belong to?

Accepted Answer

T1573.001 (Symmetric Cryptography) maps to the following MITRE ATT&CK tactic(s): command-and-control.

T1573.001Symmetric Cryptography

What it is

ATT&CK tactics· 1

References