An attack vector is the way or the method a cybercriminal penetrates a network or computer system. For a business, an attack vector is mostly used to steal data and money from an organisation by exploiting system vulnerabilities, but there have also been attacks where destruction of data is the goal.
There are many types of attack vectors cybercriminals use to take advantage of system weaknesses to cause a data breach or steal login credentials including malicious email attachments and weblinks, using malware and viruses, or using social engineering.
Some of the most common attack vectors are listed below.
1. COMPROMISED OR WEAK CREDENTIALS
Compromised credentials typically happen through a data breach or a phishing attempt. This is particularly dangerous when a person uses the same credentials across multiple sites, as the cybercriminal can then use the information to access other accounts a person holds, including business systems.
Weak passwords or the reuse of passwords being sent across your network creates an exposure gateway for initial access. Once a cybercriminal is connected to your network, they can then increase their access level using other types of attack vectors within the system.
To avoid the risk of compromised or weak credentials, businesses should implement policies to enforce the use of complex passwords; not allow employees to use the same password across multiple systems; and not to share passwords. Businesses should deploy multifactor authentication on every system that supports it.
Phishing is a type of social engineering where cybercriminals mask themselves as a legitimate company. They will email, text, or call a person to trick them into performing an action such as clicking a link to a site prompting them to enter their username and password, or open an attachment that will deploy malware on to a system or network.
Businesses can protect themselves from phishing attacks by raising employee awareness in identifying phishing attempts; implement spam filters and secure email gateways to identify suspicious email and block them; implement web content filtering and antivirus software that inspects web traffic for fraudulent sites, malicious downloads and block them; and enable multifactor authentication to prevent a cybercriminal with an employee’s login credentials from gaining access to your network.
3. MALWARE AND RANSOMEWARE
Malware (‘malicious software’) is software that cybercriminals use to harm your computer system or network without you knowing. It is used to steal confidential information, hold your computer or network to ransom, or install other programs. Malware is often installed via phishing when a user opens an attachment or clicks a link to a website that downloads and installs the malware without the person being aware.
Ransomware is on the rise and is a particularly destructive form of malware. It is used to lock or encrypt files or devices until you pay a ransom. Difficult to trace digital currencies such as Bitcoin are often used for the ransom making tracing the cybercriminals difficult.
Protective measures against malware and ransomware for your business include implementing system access controls for employees and restricting administrator privileges; install anti-virus software and turn on ransomware protection where available; keep operating systems and software up to date; restrict the downloading of files from the internet; and block suspicious attachments in email.
A cyber-attack can have a devastating impact on business whether they be small or large. If you would like to understand any vulnerabilities your business has, please contact us for an obligation-free cyber security IT assessment.