Cyberwarfare: Information Operations in a Connected World, 2nd Edition by Mike Chapple, David Seidl

Weaponizing Cryptography

The ways in which encryption is used in modern malware is a useful model to examine when considering how encryption techniques can be used in both offensive and defensive cyberwar activities. The following sections look at three major examples of malware that uses encryption. First, you’ll examine the long history of using encryption to evade detection by defensive technologies. Second, you’ll learn about the Zeus banking Trojan, which uses encryption to avoid detection and to keep its configurations secret. Finally, you’ll read about Cryptolocker, an infection that encrypts data using modern asymmetric encryption and then extorts a ransom from users who need their data back.