Attack Vector

An attack vector is a method by which a cybercriminal attacks a computer or network. While an attack surface is the location within the network that is vulnerable to an attack, the attack vector is the way a hacker carries it out. In current computer networking, attack vectors are numerous and creative. Attackers have found many detailed ways to steal information and access private networks. Some common attack vectors are listed below.

DDoS (distributed denial of service) attack: flooding a network, often a website, with an absurd number of IP address requests in order to shut it down temporarily and cause the web server to lose money
Email fraud: one of the many methods of social engineering, in which an attacker impersonates someone legitimate (like a company’s CEO) and asks for money or sends links with malicious software attached
Man-in-the-middle attack: often involves eavesdropping on a handshake that two parties use to establish an encryption key
IoT device hack: gaining access to a smart device that connects to the company network and being able to move to other parts of the network from there
Phishing: a general term that falls into the realm of social engineering; for example, fraudulent phone calls that ask someone to update their information (such as a banking login) with the intention of stealing personal data
Stealing employee credentials: gaining access to company logins and passwords to then move through the network
Third-party applications: any external applications that have access to your company’s networks but may not necessarily be trustworthy. Often third-party integration apps that connect two of your company software solutions fall into this category
Ransomware: downloading malware onto a computer, causing it to stop functioning, and demanding money before unlocking the computer or programs
Manipulating an unsecured Wi-Fi connection: eavesdropping on an Internet session, especially one that is not encrypted

This is by no means an exhaustive list. Organizations find themselves fighting to detect and prevent cyberattacks; as technology has advanced, so have attack methods. Adequately responding to threats requires a comprehensive approach to network security and automated data analysis. Businesses can no longer sufficiently sort through their own log and application data without help from machines.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Related Articles

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

How To Defend Yourself Against Identity Theft

Almost every worldwide government agency responsible for identity theft issues will tell you the same thing: The first step to fighting identity theft is...

Infographic

An infographic is a visual representation of information or data. It combines the words information and graphic and includes a collection of imagery, charts,...

Phishing

What is phishing? Phishing is a type of cybercrime in which victims are contacted by email, telephone, or text message by an attacker posing as...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...