Exfiltrate data

There are several reasons why an attacker might want to get data back out of a system or network:

  • Command and control communications
  • Information collected about systems, the network and target data, for future expansion
  • Information that was the objective for penetration (identity theft, intellectual property)

Getting the data out can be as simple as sending an email, uploading a file, or posting to a web site. Data can also be carried out physically, in printed form or in electronic form on a flash drive or CD.

In some cases, there is also a need for covert data transfer. The attacker can use encryption or steganography to hide the data. Covert channels can use a variety of techniques to bypass protection or detection, including hiding data in unusual areas of common protocols.
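
From the defender's side, data hidden in a common protocol tends to show up as fields that are unusually long and unusually random. The following is an added example, not part of the original page, that flags such fields in DNS query logs; the choice of DNS, the log format, the thresholds and the function names are all assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample log lines, "<client_ip> <query_name>" (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 www.example.com
10.0.0.5 mail.example.com
10.0.0.7 a9f3k2q8zx7c1v5b0n4m6l2j8h3g.t.example.net
10.0.0.7 q7w2e9r4t6y1u8i3o5p0a2s4d6f8.t.example.net
10.0.0.7 z1x3c5v7b9n2m4k6j8h0g2f4d6s8.t.example.net
10.0.0.9 cdn.example.org
"""

def shannon_entropy(s):
    """Shannon entropy of s in bits per character."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def parse(log_text):
    """Yield (client, lowercased query name) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            yield parts[0], parts[1].lower().rstrip(".")

def suspicious_clients(log_text, min_len=20, min_entropy=3.5, min_hits=3):
    """Return {(client, parent_domain): distinct_label_count} for clients that
    repeatedly query long, high-entropy leftmost labels under one parent.

    Simplification: the parent is taken as the last two labels, which ignores
    multi-part public suffixes such as co.uk.
    """
    hits = defaultdict(set)
    for client, qname in parse(log_text):
        labels = qname.split(".")
        if len(labels) < 3:
            continue  # no subdomain label that could carry data
        label, parent = labels[0], ".".join(labels[-2:])
        if len(label) >= min_len and shannon_entropy(label) >= min_entropy:
            hits[(client, parent)].add(label)
    # One odd name is noise; many distinct ones to the same parent is a pattern.
    return {k: len(v) for k, v in hits.items() if len(v) >= min_hits}

if __name__ == "__main__":
    print(suspicious_clients(SAMPLE_LOG))
```

Thresholds like these need tuning against a baseline of normal traffic, since content delivery and telemetry services also generate long random-looking names.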
