Skip to content

M1009 Encrypt Network Traffic

Application developers should encrypt all of their application network traffic using the Transport Layer Security (TLS) protocol to ensure protection of sensitive data and deter network-based attacks. If desired, application developers could perform message-based encryption of data before passing it for TLS encryption.

iOS’s App Transport Security feature can be used to help ensure that all application network traffic is appropriately protected. Apple intends to mandate use of App Transport Security 1 for all apps in the Apple App Store unless appropriate justification is given.

Android’s Network Security Configuration feature similarly can be used by app developers to help ensure that all of their application network traffic is appropriately protected 2.

Use of Virtual Private Network (VPN) tunnels, e.g. using the IPsec protocol, can help mitigate some types of network attacks as well.

Item Value
ID M1009
Version 1.0
Created 25 October 2017
Last Modified 17 October 2018
Navigation Layer View In ATT&CK® Navigator

Techniques Addressed by Mitigation

Domain ID Name Use
mobile T1638 Adversary-in-the-Middle Applications that properly encrypt network traffic may evade some forms of AiTM behavior.

References

  1. Kate Conger. (2016, June 14). Apple will require HTTPS connections for iOS apps by the end of 2016. Retrieved December 19, 2016. 

  2. Google. (n.d.). Network Security Configuration. Retrieved December 19, 2016.