Unsolicited Communications Risk Vector

Ingrid

The Unsolicited Communications risk vector indicates that a host is trying to contact a service on another host. The host might be attempting to communicate with a server that is not providing or advertising any useful services, the attempt might be unexpected, or the service might be unsupported. This also accounts for hosts that might be scanning darknets.

See data collection methods or the criteria for classifying findings as Unsolicited Communications.

Risks

This type of activity shows not only that a device is compromised, but also that it is actively seeking other devices to infect. It also risks opening a back door for malware to infiltrate systems.

Grading

Compromised Systems risk vectors are graded in the same manner. They are weighted evenly across the risk category and have a lifetime of 180 days.

Remediation

- Review Unsolicited Communications findings and use forensics to track down infections.
- Prevent the malware from gaining access to the target computer.
- Conduct a thorough security review of the machine (malware and antivirus sweep).
- Review the services used on the machine and harden firewall rules.
- Improve employee computer safety training (phishing, installing unapproved software).

Finding Behavior

User-requested rescans are not available for Compromised Systems risk vectors. As a negatively impacting finding gets older, you will gradually get points back.

August 16, 2023: New Grading & Finding Behavior sections.
May 8, 2020: Updated risk vector description.