Commonly Used Port Technique ID T0885 Tactic Command and Control Data Sources Network Traffic : Network Traffic Flow External Contributors Matan Dobrushin. Adversaries may communicate over a commonly used port to bypass firewalls or network detection systems and to blend in with normal network activity. They may use the protocol associated with the port, or a completely different protocol, to avoid more detailed inspection of the network. Examples provided below include Dragonfly 2.0, Stuxnet and Triton.”]
Source: https://collaborate.mitre.org/attackics/index.php/Technique/T0885