Threat actors may attempt to exfiltrate data over a different network medium than the command and control channel. If the command and control network is a wired Internet connection, the exfiltration may occur, for example, over a WiFi connection, modem, cellular data connection, Bluetooth, or another radio frequency (RF) channel.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.