Data Encryption

Info

OWASP Mapping: N/A, outside OWASP Top 10:2025 web application risk scope (adversary tradecraft)
MITRE Mapping: T1486 Data Encrypted for Impact

Data Encryption

Adversaries may encrypt data within an application’s environment - often as part of a ransom scheme - to deny legitimate access and extort payment. This includes targeting databases, file systems, or specific data stores that are critical to normal operations. Encryption can occur on-premises or in cloud storage, hindering both real-time functionality and backup restoration if keys are withheld.