Skip to content

T1600.001 Reduce Key Space

Adversaries may reduce the level of effort required to decrypt data transmitted over the network by reducing the cipher strength of encrypted communications.1

Adversaries can weaken the encryption software on a compromised network device by reducing the key size used by the software to convert plaintext to ciphertext (e.g., from hundreds or thousands of bytes to just a couple of bytes). As a result, adversaries dramatically reduce the amount of effort needed to decrypt the protected information without the key.

Adversaries may modify the key size used and other encryption parameters using specialized commands in a Network Device CLI introduced to the system through Modify System Image to change the configuration of the device. 2

Item Value
ID T1600.001
Sub-techniques T1600.001, T1600.002
Tactics TA0005
Platforms Network
Permissions required Administrator
Version 1.0
Created 19 October 2020
Last Modified 21 October 2020

Detection

ID Data Source Data Component
DS0022 File File Modification

References

  1. Graham Holmes. (2015, October 8). Evolution of attacks on Cisco IOS devices. Retrieved October 19, 2020. 

  2. Omar Santos. (2020, October 19). Attackers Continue to Target Legacy Devices. Retrieved October 20, 2020.