Adversaries may use steganographic techniques to hide command and control traffic to make detection efforts more difficult. Steganographic techniques can be used to hide data in digital messages that are transferred between systems. This hidden information can be used for command and control of compromised systems. In some cases, the passing of files embedded using steganography, such as image or document files, can be used for command and control.
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CA-07 | Continuous Monitoring | mitigates | T1001.002 | Steganography | |
| CM-06 | Configuration Settings | mitigates | T1001.002 | Steganography | |
| SI-03 | Malicious Code Protection | mitigates | T1001.002 | Steganography | |
| CM-02 | Baseline Configuration | mitigates | T1001.002 | Steganography | |
| SI-04 | System Monitoring | mitigates | T1001.002 | Steganography | |
| AC-04 | Information Flow Enforcement | mitigates | T1001.002 | Steganography | |
| SC-07 | Boundary Protection | mitigates | T1001.002 | Steganography |