Command and Control in the Fifth Domain
Source: Command Five Pty
This paper presents the findings of an extensive investigation into command and control infrastructure used by an Advanced Persistent Threat. Findings include technical details of malicious software and associated command and control protocols. These findings are drawn upon to identify modus operandi and demonstrate links between a number of major targeted attacks, including the recent Sykipot attacks, the July 2011 SK Communications hack, the March 2011 RSA breach, and the series of coordinated cyber attacks dubbed NightDragon.