An attack vector is a method or pathway used by an attacker to illegally access and penetrate a target system or launch a cyber-attack. These pathways allow cyber criminals to exploit system vulnerabilities to gain access to sensitive data or other valuable information.
An attack surface is the total network area an adversary can use to gain access to or manipulate a network to extract sensitive data. These surfaces include hardware, software and people, because an attacker can exploit their vulnerabilities, ranging from weak passwords to unpatched software.
Some of the common attack vectors that can be exploited by a cyber attacker include:
- Weak and compromised credentials – Users have a tendency to use and reuse weak passwords to protect their online accounts. Attackers easily exploit these weak and reused passwords to gain access to the victim’s accounts. Reusing passwords also results in the attacker getting access to multiple accounts used by the victim.
- Malware – This malicious software allows attackers to gain unauthorized access to networks and devices. Malware such as ransomware, viruses, Trojans, worms and spyware is usually spread through techniques such as phishing, where the victims are lured into installing the malware on their computers.
- Phishing – Attackers use this social engineering technique to trick an unsuspecting victim into providing their sensitive data and information. This technique can also be used to trick the victim into downloading a malicious file or clicking on a malicious link, thus giving the attacker access to their computer or account.
- System Misconfiguration – Misconfiguring devices on the network or using default credentials from the manufacturer leaves users prone to attacks, as cyber attackers easily exploit them. Using default settings also makes exploitation easier because these manufacturer settings and passwords are usually publicly available.
- Distributed denial of service (DDoS) attacks – Cyber threat actors use this attack vector to flood network resources, i.e. computers and servers, with internet traffic, causing the computer or server to slow down or crash and rendering the resource unavailable or unusable.
- Poor encryption – Poor encryption leads to the transmission of sensitive data in plaintext, thereby risking its exposure to unauthorized parties if intercepted. Weak encryption may also lead to credentials being exposed in the event of a data breach or data leak.
- Software vulnerabilities and poor patching practices – Cyber threat actors are frequently looking for potential vulnerabilities in network devices, operating systems, servers, application software and computer systems. When attackers spot an unpatched security vulnerability, they can use a threat vector, such as malware, to gain unauthorized access to the software and servers.
- Third-party vendors – The biggest data breaches in the recent past have been caused by third parties. Outsourcing means that your vendors pose a huge cybersecurity risk to your customers’ data and your proprietary data. While third-party vendors enable flexibility and improved productivity, organizations must take the cybersecurity posture of their third-party vendors just as seriously as their own.