Attack vectors help unauthorized elements to exploit the vulnerabilities in the system or network, including the human element. Examples of attack vectors are email attachments, pop-up windows, deception, chat rooms, viruses, and instant messages.

Attack surface

The sum-total of points on a network where attacks can occur where an unauthorized user (the “attacker”) can try to manipulate or extract data using a myriad of breach methods (the “cyber-attack vectors”). If you consider a graph, where the x-axis lists all of the devices and apps on your network (infrastructure, apps, endpoints, IoT, etc.) and the y-axis are the different breach methods such as weak and default passwords, reused passwords, phishing, social engineering, unpatched software, misconfigurations, etc. – the plot is your attack surface.

Cyber Attack vector

The method or ways by which an adversary can breach or infiltrate an entire network/system. Attack vectors enable hackers to exploit system vulnerabilities, including the human element of which is the weakest element.