Attack Vector

An attack vector is a method by which a cybercriminal attacks a computer or network. While an attack surface is the location within the network that is vulnerable to an attack, the attack vector is the way a hacker carries it out. In current computer networking, attack vectors are numerous and creative. Attackers have found many detailed ways to steal information and access private networks. Some common attack vectors are listed below.

DDoS (distributed denial of service) attack: flooding a network, often a website, with an absurd number of IP address requests in order to shut it down temporarily and cause the web server to lose money
Email fraud: one of the many methods of social engineering, in which an attacker impersonates someone legitimate (like a company’s CEO) and asks for money or sends links with malicious software attached
Man-in-the-middle attack: often involves eavesdropping on a handshake that two parties use to establish an encryption key
IoT device hack: gaining access to a smart device that connects to the company network and being able to move to other parts of the network from there
Phishing: a general term that falls into the realm of social engineering; for example, fraudulent phone calls that ask someone to update their information (such as a banking login) with the intention of stealing personal data
Stealing employee credentials: gaining access to company logins and passwords to then move through the network
Third-party applications: any external applications that have access to your company’s networks but may not necessarily be trustworthy. Often third-party integration apps that connect two of your company software solutions fall into this category
Ransomware: downloading malware onto a computer, causing it to stop functioning, and demanding money before unlocking the computer or programs
Manipulating an unsecured Wi-Fi connection: eavesdropping on an Internet session, especially one that is not encrypted

This is by no means an exhaustive list. Organizations find themselves fighting to detect and prevent cyberattacks; as technology has advanced, so have attack methods. Adequately responding to threats requires a comprehensive approach to network security and automated data analysis. Businesses can no longer sufficiently sort through their own log and application data without help from machines.






Jenna Phipps
Jenna Phipps is a contributor for websites such as Webopedia.com and Enterprise Storage Forum. She writes about information technology security, networking, and data storage. Jenna lives in Nashville, TN.

Top Articles

The Complete List of 1500+ Common Text Abbreviations & Acronyms

Text Abbreviations reviewed by Web Webster   From A3 to ZZZ we list 1,559 SMS, online chat, and text abbreviations to help you translate and understand...

Windows Operating System History & Versions

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

Generations of Computers (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

Telecommunication

Telecommunication refers to telephony and cellular network technology. However, the broader definition includes...

Spoofing

What is spoofing? As it pertains to cybersecurity, spoofing is when a person disguises...

How to Indent in...

Microsoft Word is a graphical word...