The processes and tools behind a true APT campaign: Command & Control

In part four of a series on understanding the processes and tools behind an APT-based incident, CSO examines the Command & Control phase, often referred to as C2. During this phase, the attacker(s) are on the network, and depending on their objectives, will start focusing on their endgame.

"The first 'phone home' activity will usually take place directly following infection; activity at this point will include establishing the channel and downloading further tools for local reconnaissance, credential theft and escalation of privileges," Rik Ferguson, the VP Security Research at Trend Micro, told CSO.

Stories by Steve Ragan
