- Tactics
- Command and Control
- Platforms
- ESXi, Linux, macOS, Windows
- Reference
- attack.mitre.org/techniques/T1008
Description
Adversaries may use fallback or alternate communication channels if the primary channel is compromised or inaccessible in order to maintain reliable command and control and to avoid data transfer thresholds.
How GTK Cyber trains on this
GTK Cyber's hands-on training programs cover detection engineering across the MITRE ATT&CK framework, including the Command and Control tactic this technique falls under. Our practitioner-led courses focus on building real detections, not just memorizing technique IDs.
Related techniques
- T1001 — Data Obfuscation
- T1071 — Application Layer Protocol
- T1090 — Proxy
- T1092 — Communication Through Removable Media
- T1095 — Non-Application Layer Protocol
- T1102 — Web Service
- T1104 — Multi-Stage Channels
- T1105 — Ingress Tool Transfer
- T1132 — Data Encoding
- T1205 — Traffic Signaling
- T1219 — Remote Access Tools
- T1568 — Dynamic Resolution