Command-and-control servers: The puppet masters that govern malware
This article is part of the June 2014 Vol. 16 / No. 5 issue of Threat intelligence and risk: Why cybersecurity hangs in the balance
Command-and-control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network. The terms "command" and "control" are often bandied about without a clear understanding, even among some security professionals, of how these communications techniques work to govern malware.
Half of the 315 security professionals surveyed about malware at organizations with more than 1,000 employees were "not very familiar" or "not at all familiar" with command-and-control communications techniques, according to Enterprise Strategy Group research. The knowledge gap widened based on their organization's security resources, from 24% of those with advanced security programs to 48% with average resources, and 82% with basic cybersecurity.
As the name implies, command-and-control servers issue commands and controls to compromised systems (often Internet-connected computers of home users that then form zombie armies known as botnets). These communications can be as simple as maintaining a timed beacon or "heartbeat...
Threat intelligence versus risk: How much cybersecurity is enough?
by Kathleen Richards, features editor
Learn how threat intelligence plays into global risk assessment as more security officers are tasked with damage control.
Command-and-control servers: The puppet masters that govern malware
by Adam Rice and James Ringold
Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels.
Cyberthreat intelligence is getting crowded
by David Strom, Contributor
As threat intelligence communities multiply, it may be time to revisit crowdsourcing security.
Beyond the Page: Global risk assessment
by Kathleen Richards
This Beyond the Page explores the latest advances in threat intelligence and related technology, including threat information sharing services, SIEM and endpoint security products.
High alert on cyber risk and cybersecurity preparedness
by Kathleen Richards, features editor
Threat intelligence can shine a light on important security holes.
Avi Rubin on what it takes to move healthcare IT security forward
by Marcus J. Ranum, Contributor
Medical data is the next frontier, Avi Rubin tells Marcus Ranum, as Johns Hopkins University seeks to insulate medical information systems from hackers.
PCI economics: Are the information security requirements working?
by Pete Lindstrom, Contributor
How to evaluate whether PCI DSS is lowering credit card fraud and the risks associated with data breach disclosure.