What Is a Command and Control Cyberattack?

How Command and Control Attacks Are Structured

In the early days of the internet, attackers would have a physical server under their control, and they’d direct the attack from there. Today, many C2 attacks are directed from servers in the cloud.

Sometimes an attacker will use one server that the malware will send a message back to for instructions. This can be easily mitigated, since the C2 server’s IP address can be detected and blocked to prevent further communication. If an attacker uses proxies to mask their true IP address, however, defense becomes more difficult.

More commonly, scammers will use multiple servers to conduct an attack. It may be several servers running the same attack for redundancy in case one is taken down, or groups of servers arranged into a hierarchy.

Attackers can also instruct the infected computers in a botnet to act as a peer-to-peer (P2P) network, communicating with one another randomly instead of from a central server. This makes it harder to detect the infection’s origin. According to cybersecurity software manufacturer DNSFilter, this approach is often used together with a single-server attack — if the server gets taken down, the P2P option is there as a backup.

Search
  • There are no suggestions because the search field is empty.
Latest posts
Wi-Fi is thriving: Meet seven new additions to our 2024 Wi-Fi NOW leadership community! Wi-Fi is thriving: Meet seven new additions to our 2024 Wi-Fi NOW leadership community!

This year is already off to a flying start and we’re delighted that so many outstanding Wi-Fi companies big and small have chosen to work with us in 2024. Here – in no particular order – are seven new additions to our Wi-Fi NOW partnership list, which we believe is the world’s premier community of Wi-Fi industry leaders. We will of course be working closely with all our partners new and old through the year to showcase their outstanding contribut...

Want a Stronger Cybersecurity Culture? Time to Destigmatize Mistakes Want a Stronger Cybersecurity Culture? Time to Destigmatize Mistakes

A common refrain in cybersecurity circles is that humans are your weakest link. There’s truth in this, but making this the focal point of your cybersecurity training and culture can sometimes have unintended consequences.

Juncos Hollinger Racing Announces DNSFilter as Official Partner Juncos Hollinger Racing Announces DNSFilter as Official Partner

Indianapolis, Ind. –Today NTT INDYCAR SERIES team Juncos Hollinger Racing announced a new partnership with DNSFilter, a cybersecurity company that protects over 32,000 businesses from online threats.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.