Command-and-control attacks can compromise an entire network. Find out what they are and how they work.
 
Malicious network attacks have been on the rise in the last decade. One of the most damaging attacks, often executed over DNS, is accomplished through command and control, also called C2 or C&C.
 
 
The attacker starts by infecting a computer, which may sit behind a firewall. This can be done in a variety of ways:
  • Via a phishing email that tricks the user into following a link to a malicious website or opening an attachment that executes malicious code.
  • Through security holes in browser plugins.
  • Via other infected software.
Once communication is established, the infected machine sends a signal to the attacker’s server looking for its next instruction. The infected computer will carry out the commands from the attacker’s C2 server and may install additional software. The attacker now has complete control of the victim’s computer and can execute any code. The malicious code will typically spread to more computers, creating a botnet – a network of infected machines. In this way, an attacker who is not authorized to access a company’s network can obtain full control of that network.
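The repeated check-in described above is something defenders can look for in DNS logs. The following sketch is an added example, not part of the original article: it flags client/name pairs that are queried at nearly fixed intervals. The log format, the host names, and the `min_events` and `max_cv` thresholds are assumptions chosen for illustration.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample DNS query log: timestamp, client IP, queried name.
SAMPLE_LOG = """\
2024-01-01T09:00:00 10.0.0.5 cdn-sync.example.test
2024-01-01T09:00:10 10.0.0.8 www.example.test
2024-01-01T09:00:12 10.0.0.8 www.example.test
2024-01-01T09:01:00 10.0.0.5 cdn-sync.example.test
2024-01-01T09:02:01 10.0.0.5 cdn-sync.example.test
2024-01-01T09:03:00 10.0.0.5 cdn-sync.example.test
2024-01-01T09:04:00 10.0.0.5 cdn-sync.example.test
2024-01-01T09:05:01 10.0.0.5 cdn-sync.example.test
2024-01-01T09:06:00 10.0.0.5 cdn-sync.example.test
2024-01-01T09:07:30 10.0.0.8 www.example.test
2024-01-01T09:08:00 10.0.0.8 www.example.test
2024-01-01T09:25:00 10.0.0.8 www.example.test
2024-01-01T09:25:05 10.0.0.8 www.example.test
2024-01-01T09:40:00 10.0.0.8 www.example.test
2024-01-01T09:41:00 10.0.0.9 mail.example.test
"""

def find_beacons(log_text, min_events=6, max_cv=0.1):
    """Return (client, name, mean_interval_s, cv) for near-periodic query pairs."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # skip lines with an unparseable timestamp
        seen[(parts[1], parts[2].lower().rstrip("."))].append(ts)
    hits = []
    for (client, name), times in seen.items():
        if len(times) < min_events:
            continue  # too few samples to judge periodicity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        # Coefficient of variation: a low value means very regular intervals.
        cv = statistics.pstdev(gaps) / mean if mean else float("inf")
        if cv <= max_cv:
            hits.append((client, name, round(mean, 1), round(cv, 3)))
    return sorted(hits)

if __name__ == "__main__":
    print(find_beacons(SAMPLE_LOG))
```

Regular timing is only one signal: legitimate software such as update checkers also polls on a schedule, so hits need to be reviewed against known-good names before being treated as C2.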
 
What Can Hackers Accomplish Through Command and Control?
  1. Data theft. Sensitive company data, such as financial documents, can be copied or transferred to an attacker’s server.
  2. Shutdown. An attacker can shut down one or several machines, or even bring down a company’s network.
  3. Reboot. Infected computers may suddenly and repeatedly shut down and reboot, which can disrupt normal business operations.
  4. Distributed denial of service. DDoS attacks overwhelm servers or networks by flooding them with internet traffic. Once a botnet is established, an attacker can instruct each bot to send a request to the targeted IP address, creating a jam of requests for the targeted server. The result is like traffic clogging a highway – legitimate traffic to the attacked IP address is denied access. This type of attack can be used to take a website down.

 


This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so obsessed with the Cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about Cybersecurity on the website and on social media platforms.

34,000+ professionals follow her on Facebook and are mesmerized by the quality of the content of her posts.

If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:

Click Here to follow her: Cybersecurity PRISM