Threat actors may use fallback or alternate communication channels if the primary channel is compromised or inaccessible in order to maintain reliable command and control and to avoid data transfer thresholds.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.