C2 protocol development
Command and Control (C2 or C&C) is a method by which the adversary communicates with malware. An adversary may use a variety of protocols and methods to execute C2 such as a centralized server, peer to peer, IRC, compromised web sites, or even social media. 
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Adversary will likely use code repositories, but development will be performed on their local systems.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: C2 over commonly used and permitted protocols provides the necessary cover and access.
- FireEye. (2015, July). HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat Group. Retrieved March 6, 2017.