Encrypt Network Traffic
Application developers should encrypt all of their application network traffic using the Transport Layer Security (TLS) protocol to ensure protection of sensitive data and deter network-based attacks. If desired, application developers could perform message-based encryption of data before passing it for TLS encryption.
iOS's App Transport Security feature can be used to help ensure that all application network traffic is appropriately protected. Apple intends to mandate use of App Transport Security [1] for all apps in the Apple App Store unless appropriate justification is given.
Android's Network Security Configuration feature similarly can be used by app developers to help ensure that all of their application network traffic is appropriately protected [2].
Use of Virtual Private Network (VPN) tunnels, e.g. using the IPsec protocol, can help mitigate some types of network attacks as well.
Techniques Addressed by Mitigation
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Mobile | T1638 | Adversary-in-the-Middle |
Applications that properly encrypt network traffic may evade some forms of AiTM behavior. |
|
| Mobile | T1422 | .001 | System Network Configuration Discovery: Internet Connection Discovery |
Ensure that traffic is encrypted to reduce adversaries’ ability to intercept, decrypt and manipulate traffic. |