What is it?
MeshCentral is an open-source remote administration tool that provides remote control, hardware and software inventory, system monitoring, and background management including remote terminal and file management.
While extremely useful, these remote control features have attracted a number of attackers.
Collectively, these threats are known as Command and Control (C&C or C2) attacks.
Why is it a risk?
By its very nature, remote control software is an attractive target for attackers.
Recent advancements in AI have introduced Advanced Persistent Threats (APT) where attackers create a persistent and undetectable presence on your server.
Once an APT is established, the attacker can collect data to perform espionage and execute commands from your server, often distributing malware to other victims.
These attacks are one of the top concerns in cyber security today because they tend to be very destructive over time.
The ZenArmour (a third party security product) link below describes these risks in more detail and provides a detailed list of mitigation strategies and .
How can you mitigate the risk?
Pretecting your organization from C2 attacks is complex.
If your organization must use remote control software, then a number of risk mitigations are recommended:
1) keep your MeshCentral or other remote control installation up-to-date
2) implement Two Factor Authentication (2FA)
3) restrict access to the server using firewall rules
4) establish a Virtual Private Network (VPN)
There are also third party MeshCentral security tools (mostly NOT open source).
The MeshCentral official YouTube channel (link below) provides several resources.
There are several GitHub pages dedicated to securing MeshCentral (an example is linked below).
Resources:
What is Command and Control (C&C or C2) in Cybersecurity?
https://www.zenarmor.com/docs/network-security-tutorials/what-is-command-and-control-c2
Github MeshCentral Security techniques
https://github.com/Ylianst/MeshCentral/blob/master/docs/docs/meshcentral/security.md
MeshCentral Official YouTube Channel
https://www.youtube.com/channel/UCJWz607A8EVlkilzcrb-GKg/videos
