Remote Access Software (T1219)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Remote Access Software

Associated Tactics

  • Command And Control

Command and Control (TA0011)

The adversary is trying to communicate with compromised systems to control them. Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.

View on ATT&CK

Procedure Examples

Description Source(s)
CrowdStrike Intelligence. (2016). 2015 Global Threat Report. Retrieved April 11, 2018. CrowdStrike 2015 Global Threat Report
CrySyS Lab. (2013, March 20). TeamSpy – Obshie manevri. Ispolzovat’ tolko s razreshenija S-a. Retrieved April 11, 2018. CrySyS Blog TeamSpy
Google. (n.d.). Retrieved March 14, 2024. Google Chrome Remote Desktop
Huntress. (n.d.). Retrieved March 14, 2024. Chrome Remote Desktop
Wueest, C., Anand, H. (2017, July). Living off the land and fileless attack techniques. Retrieved April 10, 2018. Symantec Living off the Land