Cyber security incidents are becoming more frequent and the consequences more severe. To safeguard your business from an attack, you must first understand the tools and methods cyber criminals use to orchestrate these attacks. One of the key concepts to understand is what an attack vector is, and which attack vectors are the most common.
What is an attack vector?
An attack vector is the way a cyber criminal gains unauthorised access to a network or computer to carry out malicious activities. Once a hacker uses an attack vector to enter a network or computer, they can access confidential information about a business or individuals, or infect the system with malicious programmes.
The cyber security threat landscape is ever changing, so we’ve created a list of the 10 most common attack vectors to watch out for in 2021.
1: Phishing
Phishing is the most common attack vector and has been for many years. Phishing is where a cybercriminal contacts a target by email, telephone or SMS, posing as a legitimate individual or business, to deceive the victim into clicking a malicious link or providing sensitive information, such as passwords or payment card information.
2: Lack of encryption
Whenever sensitive data is transferred, it should be encrypted to ensure that even if it is intercepted it cannot be read without the encryption key. Many businesses still use unencrypted FTP sessions to transfer data, meaning that if a hacker intercepts the data, it is in plain text. It should also be noted that not all encryption is created equal. Low-level encryption is safer than no encryption at all; however, strong SSL/TLS encryption is favoured as it is significantly more difficult to obtain the encryption key.
3: Compromised or weak credentials
Compromised credentials are when a cyber criminal gains access to a network or system by obtaining user credentials, such as a username and password. These credentials are often obtained through a phishing attack or poor password hygiene. Similarly, having weak credentials, such as a common password, allows cyber criminals easy access to a supposedly secure network.
4: Malicious insiders
When considering potential attack vectors, one that is often ignored is that of malicious insiders. These are current or former employees who have legitimate access to company data and use this access to carry out malicious activities. This threat can be difficult to detect, as employees need access to networks and data to do their jobs; however, there are policies that can be put in place to reduce this risk.
5: Distributed Denial of Service
Distributed Denial of Service, or DDoS, is a malicious attack where a cybercriminal overwhelms a target server, service or network with internet traffic to disrupt normal traffic. The goal of these attacks may be to stop legitimate traffic from visiting a site, or to overwhelm network equipment, such as firewalls, in order to launch another cyberattack.
6: Misconfiguration
Misconfiguration is when a system is not configured correctly. For example, leaving the default username and password when configuring a device or in a setup page. This also includes not updating software when there are security patches and leaving unused features on a device enabled. This is particularly common with networking devices and database setups.
Many data breaches result from poor configuration of a network, such as making a CRM or HR server internet-facing.
7: Malware
Malware is one of the oldest forms of attack vector, first originating in the 1980s. Malware is any software that is intentionally designed to cause damage to a computer, server, or network. This includes viruses, ransomware and trojan horses. Malware is often distributed through malicious emails, websites and advertising.
8: Malvertising
Malvertising is a relatively new method of spreading malware, including ransomware. This attack vector is where a cyber criminal pays for legitimate advertising space on search engines and social networking platforms, but the website being advertised contains malware that, when downloaded, will infect the victim’s computer or network.
9: Brute force
A brute force attack is when a cyber criminal finds the correct login credentials to a secure device, account or network by submitting many passwords until they find the correct one. A hacker uses a programme to do this, which can submit 1000s of login attempts per second. This attack vector is easy to negate with long, complex passwords that utilise numbers and special characters.
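On the detection side, the volume of failed logins described above is what gives a brute force attempt away. The following is an added example, not part of the original article: a sliding-window detector run over constructed log lines. The log format, the function name `detect_bruteforce` and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption for this example:
# "<ISO timestamp> <OK|FAIL> <username> <source IP>"
SAMPLE_LOG = """\
2021-03-01T09:00:00 FAIL alice 198.51.100.7
2021-03-01T09:00:01 FAIL alice 198.51.100.7
2021-03-01T09:00:01 FAIL alice 198.51.100.7
2021-03-01T09:00:02 FAIL alice 198.51.100.7
2021-03-01T09:00:02 FAIL alice 198.51.100.7
2021-03-01T09:00:03 OK alice 198.51.100.7
2021-03-01T09:05:00 FAIL bob 203.0.113.20
2021-03-01T09:20:00 FAIL bob 203.0.113.20
2021-03-01T09:40:00 OK bob 203.0.113.20
"""

def detect_bruteforce(lines, max_failures=5, window=timedelta(seconds=60)):
    """Alert on any source with max_failures failed logins inside the window."""
    recent = defaultdict(deque)  # source IP -> timestamps of recent failures
    alerts = {}                  # source IP -> alert record
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts_raw, result, user, src = parts
        if result == "OK":
            # A success right after a burst suggests the guessing worked.
            if src in alerts:
                alerts[src]["success_after_burst"] = True
            continue
        if result != "FAIL":
            continue
        ts = datetime.fromisoformat(ts_raw)
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and src not in alerts:
            alerts[src] = {"source": src, "user": user, "failures": len(q),
                           "first_seen": q[0].isoformat(),
                           "success_after_burst": False}
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(alert)
```

The detector keys on source address only; guessing spread across many addresses against one account would need a second counter keyed on username.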
10: Man-in-the-middle
A man-in-the-middle attack may include intercepting messages and emails between individuals that include sensitive data, or intercepting login credentials between a user and an IT system. There are many different methods that can be used to carry out a man-in-the-middle attack; however, most of these can be avoided with firewalls, encryption, multi-factor authentication and a strong security culture within an organisation.
These are the ten most common attack vectors. Some basic knowledge of each can help you identify attack attempts before they become a cyber security incident. However, for each of these 10 attack vectors there are multiple methods of execution, and each year they become more advanced. It can be difficult to stay up to date with each new method and best practice for avoiding an attack, so if you need help deploying a comprehensive cyber security solution to keep your organisation and data safe, let our cyber security services team know!