HackingTheUniverse

There are several reasons why an attacker might want to get data back out of a system or network:

• Command and control communications
• Information collected about systems and network target data for future expansion
• Information that was the objective for penetration (identity theft, intellectual property)

The process of getting the data out can be as simple as sending an email or uploading a file or posting to web site. It can also be carried out physically in printed format or electronic format on a flash drive or CD.

In some cases, there is also a need for covert data transfer. The attacker can use encryption or steganography to hide the data. Covert channels can use a variety of techniques to bypass protection or detection including hiding data in unusual areas of common protocols.