Command-and-control servers: The puppet masters that govern malware
This article is part of the June 2014 Vol. 16 / No. 5 issue of Threat intelligence and risk: Why cybersecurity hangs in the balance
Command-and-control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network. The terms "command" and "control" are often bandied about without a clear understanding, even among some security professionals, of how these communications techniques work to govern malware. Half of the 315 security professionals surveyed about malware at organizations with more than 1,000 employees were "not very familiar" or "not at all familiar" with command-and-control communications techniques, according to Enterprise Strategy Group research. The knowledge gap widened based on their organization's security resources, from 24% of those with advanced security programs to 48% with average resources, and 82% with basic cybersecurity. As the name implies, command-and-control servers issue commands and controls to compromised systems (often Internet-connected computers of home users that then form zombie armies known as botnets). These communications can be as simple as maintaining a timed beacon or "heartbeat...
Threat intelligence versus risk: How much cybersecurity is enough?
by Kathleen Richards, features editor
Learn how threat intelligence plays into global risk assessment as more security officers are tasked with damage control.
Command-and-control servers: The puppet masters that govern malware
by Adam Rice and James Ringold
Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels.
Cyberthreat intelligence is getting crowded
by David Strom, Contributor
As threat intelligence communities multiply, it may be time to revisit crowdsourcing security.
Beyond the Page: Global risk assessment
by Kathleen Richards
This Beyond the Page explores the latest advances in threat intelligence and related technology, including threat information sharing services, SIEM and endpoint security products.
High alert on cyber risk and cybersecurity preparedness
by Kathleen Richards, features editor
Threat intelligence can shine a light on important security holes.
Avi Rubin on what it takes to move healthcare IT security forward
by Marcus J. Ranum, Contributor
Medical data is the next frontier, Avi Rubin tells Marcus Ranum, as Johns Hopkins University seeks to insulate medical information systems from hackers.
PCI economics: Are the information security requirements working?
by Pete Lindstrom, Contributor
How to evaluate whether PCI DSS is lowering credit card fraud and the risks associated with data breach disclosure.