Threat actors may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.