10 Signs Your Business Has Been Breached

Suspicious Outbound Activity

Network security pros should be trained in monitoring firewalls and intrusion-prevention and -detection systems to identify outbound activity to suspicious locations. Attackers also will use obscure ports to bypass security filtering mechanisms. The goal is to pass through network devices as legitimate traffic. The malicious traffic could signal a botnet infection and communication to a command-and-control server. Shutting down unnecessary ports can block malicious communication and help increase visibility, Trustwave said.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.