One of the most damaging attacks, often executed over DNS, is accomplished through command and control, also called C2 or C&C. The attacker starts by infecting a computer, which may sit behind a firewall. This can be done in a variety of ways: through a phishing email whose attachment executes malicious code when opened, through security holes in browser plugins, or through infected software.

The infected system then sends a signal to the attacker’s command and control (C2) server to request its next instruction. The attacker now has complete control of the victim’s computer and can execute any command or script. In this way, an attacker who is not authorized to access a company’s network can obtain full control of that network.
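A defender's view of the check-in described above, as an added example that is not part of the original page: it flags a client that queries one domain at near-constant intervals in a DNS query log. The log format, the sample lines, the two-label domain grouping and the thresholds are assumptions made for the illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample log, one query per line: "<epoch seconds> <client IP> <name>"
SAMPLE_LOG = """\
1000 10.0.0.5 a1.updates.example.net
1003 10.0.0.8 www.example.org
1060 10.0.0.5 b7.updates.example.net
1121 10.0.0.5 c3.updates.example.net
1180 10.0.0.5 d9.updates.example.net
1190 10.0.0.8 www.example.org
1195 10.0.0.8 img.example.org
1240 10.0.0.5 e2.updates.example.net
1301 10.0.0.5 f6.updates.example.net
1900 10.0.0.8 www.example.org
1910 10.0.0.8 cdn.example.org
"""

def parse(log):
    """Yield (timestamp, client, name) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield float(parts[0]), parts[1], parts[2].lower().rstrip(".")
        except ValueError:
            continue

def base_domain(name):
    # Assumption: the last two labels approximate the registered domain.
    return ".".join(name.split(".")[-2:])

def find_beacons(log, min_queries=5, max_jitter=0.1):
    """Return (client, domain, mean gap, jitter) for regular check-ins.

    Jitter is the standard deviation of the gaps divided by their mean."""
    seen = defaultdict(list)
    for ts, client, name in parse(log):
        seen[(client, base_domain(name))].append(ts)
    findings = []
    for (client, domain), stamps in sorted(seen.items()):
        if len(stamps) < min_queries:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        jitter = pstdev(gaps) / avg if avg > 0 else float("inf")
        if jitter <= max_jitter:
            findings.append((client, domain, round(avg, 1), round(jitter, 3)))
    return findings
```

On the constructed log, `find_beacons(SAMPLE_LOG)` reports only the client that queries `example.net` roughly every 60 seconds; the irregular browsing-style queries from the other client are not flagged.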

Attackers can accomplish the following with command and control:

  • Steal sensitive, confidential data.
  • Shut down or reboot the compromised system to disrupt business operations.
  • Launch distributed denial-of-service (DDoS) attacks.