Command and Control consists of techniques that adversaries use to communicate with and send commands to compromised systems, devices, controllers, and platforms with specialized applications used in ICS environments. Adversaries often seek to use commonly available resources and mimic expected network traffic to avoid detection and suspicion. The techniques in ATT&CK for ICS include common ports, commonly used protocols, connection proxy, connection proxies, and common application layer protocols such as HTTP(S), OPC, RDP, telnet, DNP3, and modbus.”]
Source: https://collaborate.mitre.org/attackics/index.php/Command_and_Control

