NEW

1. COMMAND AND CONTROL

2. COMMAND AND CONTROL DEFINITION C&C (also known as C2) is a method that cybercriminals use to communicate with compromised devices within a target company’s network. In a C&C attack, an attacker uses a server to send commands to — and receive data from — computers compromised by malware. Types of C&C attacks # BOTNETS # RANSOMWARE #DISTRIBUTED DENIAL OF SERVICE

3. How do C&C attacks work? POINT OF ENTRY THE ADVERSARY LAUNCHES AN ATTACK TO PENETRATE THE TARGET NETWORK BY DELIVERING MALWARE. SOME OF THE MOST COMMON MALWARE DELIVERY METHODS INCLUDE PHISHING EMAILS, DRIVE-BY DOWNLOADS, UNAUTHORIZED ACCESS VIA STOLEN CREDENTIALS, AND VULNERABILITY EXPLOITS. IF THE ATTACK IS SUCCESSFUL, THE ADVERSARY MOVES ON TO THE NEXT STAGE. STABLISHING THE C&C CONNECTION AFTER A BACKDOOR OPENS THE TARGET NETWORK TO INFILTRATION, THE ATTACKER USES C&C CHANNELS TO INSTRUCT AND CONTROL THE COMPROMISED MACHINES AND MALWARE IN THE NETWORK. Lateral movement and persistence ONCE INSIDE THE NETWORK, THE ATTACKER COMPROMISES ADDITIONAL MACHINES TO HARVEST CREDENTIALS, ESCALATE PRIVILEGE LEVELS, AND MAINTAIN PERSISTENT CONTROL OVER THE COMPROMISED NETWORK. . DATA DISCOVERy THE PERPETRATOR EMPLOYS SEVERAL TECHNIQUES TO IDENTIFY VALUABLE SERVERS AND SYSTEMS THAT CONTAIN HIGH-VALUE DATA. DATA EXFILTRATION ONCE THE DATA IS GATHERED, THE CYBERCRIMINAL FUNNELS THE STOLEN DATA TO AN INTERNAL STAGING SERVER WHERE IT IS CHUNKED, COMPRESSED AND OFTEN ENCRYPTED AND THEN TRANSMITTED TO EXTERNAL LOCATIONS.

4. THANK YOU