Access your Pro+ Content below.
Command-and-control servers: The puppet masters that govern malware
This article is part of the Information Security magazine issue of June 2014 Vol. 16 / No. 5
Command-and-control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network. The terms "command" and "control" are often bandied about without a clear understanding, even among some security professionals, of how these communications techniques work to govern malware. Half of the 315 security professionals surveyed about malware at organizations with more than 1,000 employees were "not very familiar" or "not at all familiar" with command-and-control communications techniques, according to Enterprise Strategy Group research. The knowledge gap widened based on their organization's security resources, from 24% of those with advanced security programs to 48% with average resources, and 82% with basic cybersecurity. As the name implies, command-and-control servers issue commands and controls to compromised systems (often Internet-connected computers of home users that then form zombie armies known as botnets). These communications can be as simple as ...
Features in this issue
Learn how threat intelligence plays into global risk assessment as more security officers are tasked with damage control.
As threat intelligence communities multiply, it may be time to revisit crowdsourcing security.
Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels.
This Beyond the Page explores the latest advances in threat intelligence and related technology, including threat information sharing services, SIEM and endpoint security products.
Columns in this issue
Threat intelligence can shine a light on important security holes.
Medical data is the next frontier, Avi Rubin tells Marcus Ranum, as Johns Hopkins University seeks to insulate medical information systems from hackers.
How to evaluate whether PCI DSS is lowering credit card fraud and the risks associated with data breach disclosure.