Command and Control (TA0011)

During the resource development phase of some operations, threat actors need to set up a central control point. This control point is often a CnC server that manages and orchestrates the actions of an army of remote hosts or bots. Some CnC servers will integrate the functionality of malicious download servers. Other servers provide scanning and compromise functionality used to stage payloads onto discovered vulnerable systems during the initial access phase. To avoid detection of their critical CnC servers, threat actors may leverage application layer protocols, data encoding or data obfuscation techniques for communications. Other times, threat actors may leverage techniques such as ingress tool transfer or other web services to transfer data to and from a compromised system.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center