An “attack vector” is a path or means by which an attacker can gain access to a computer or to a network server to deliver a payload or malicious outcome. Attack vectors enable attackers to exploit system vulnerabilities, including the human element.
Attack vectors include viruses, E-Mail attachments, webpages, pop-up windows, instant messages, chat rooms, and deception. All of these methods involve programming (or, in a few cases, hardware), except deception, in which a human operator is fooled into removing or weakening system defenses.
To some extent, firewalls and antivirus software can block attack vectors. However, no protection method is totally attack-proof. A defense method that is effective today may not remain so for long because attackers are constantly updating attack vectors, and seeking new ones, in their quest to gain unauthorized access to computers and servers.
A zero-day (or zero-hour) attack is a computer threat which attempts to exploit computer application vulnerabilities that are unknown to anybody in the world (i.e., undisclosed to the software vendor and software users) and/or for which no patch (i.e., security fix) is available. Zero-day exploits are used or shared by attackers before the software vendor knows about the vulnerability.
Sometimes software vendors discover the vulnerability, but developing a patch can take time. Alternatively, software vendors can also hold back the release of a patch to avoid flooding customers with numerous individual updates. A “zero-day” attack is launched on or before the first or “zeroth” day of vendor awareness, so that the vendor has no opportunity to communicate or distribute a security fix to users of the software. If the vulnerability is not particularly dangerous, software vendors prefer to hold until multiple updates (i.e., security fixes, commonly known as patches) are collected and then release them together as a package.
Malware writers are able to exploit zero-day vulnerabilities through several different attack vectors.
The most common malicious payloads are viruses (which can function as their own attack vectors), Trojan Horses, worms, and Spyware. If an attack vector is thought of as a guided missile, its payload can be compared to the warhead in the tip of the missile.
In technical terms, a payload is the necessary data carried within a packet or other transmission unit; in this scenario (i.e., an attack vector), payload means the malicious activity that the attack performs. From the technical perspective, the payload does not include the “overhead” data required to get the packet to its destination. What constitutes the payload may depend on the point of view. To a communications layer that needs some of the overhead data to do its job, the payload is sometimes considered to include that part of the overhead data that this layer handles. However, in more general usage, the payload is the bits that get delivered to the end-user at the destination.
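The layer-dependent meaning of "payload" described above can be seen by parsing one frame, as an added example that is not part of the original article. The Ethernet/IPv4/UDP frame, its addresses and ports, and the function names are constructed for illustration.

```python
import struct

def build_frame(app_data: bytes, pad: int = 0) -> bytes:
    """Constructed Ethernet/IPv4/UDP frame (checksums zeroed, sample addresses)."""
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(app_data), 0) + app_data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + udp
    eth_header = bytes(6) + bytes(6) + struct.pack("!H", 0x0800)
    return eth_header + ip + bytes(pad)  # pad models link-layer trailer bytes

def payload_by_layer(frame: bytes) -> dict:
    """Return what each layer treats as its payload for one frame."""
    if len(frame) < 14 + 20:
        raise ValueError("frame too short")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not IPv4")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]   # header + data, excludes padding
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("malformed IPv4 header")
    if ip[9] != 17:
        raise ValueError("not UDP")
    udp = ip[ihl:total_len]
    if len(udp) < 8:
        raise ValueError("truncated UDP header")
    udp_len = struct.unpack("!H", udp[4:6])[0]
    if not 8 <= udp_len <= len(udp):
        raise ValueError("malformed UDP length")
    return {
        "link": ip[:total_len],       # to Ethernet, the whole IP packet is payload
        "network": udp[:udp_len],     # to IP, the UDP header still counts as payload
        "transport": udp[8:udp_len],  # to UDP, only the application bytes
    }

if __name__ == "__main__":
    frame = build_frame(b"hello", pad=4)
    for layer, data in payload_by_layer(frame).items():
        print(f"{layer:9s} payload = {len(data):2d} bytes, "
              f"overhead = {len(frame) - len(data)} bytes")
```
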
The attack vectors described here are the ones through which most attacks are launched.
- Attack by E-Mail: The hostile content is either embedded in the message or linked to by the message. Sometimes attacks combine the two vectors, so that if the message does not get you, the attachment will. Spam is almost always a carrier for scams, fraud, dirty tricks, or malicious action of some kind. Any link that offers something “free” or tempting is suspect.
- Attachments (and other files): Malicious attachments install malicious computer code. The code could be a virus, Trojan Horse, Spyware, or any other kind of malware. Attachments attempt to install their payload as soon as you open them.
- Attack by deception: Deception is aimed at the user/operator as a vulnerable entry point. It is not just malicious computer code that one needs to monitor. Fraud, scams, hoaxes, and to some extent Spam, not to mention viruses, worms and such, require the unwitting cooperation of the computer’s operator to succeed. Social engineering and hoaxes are other forms of deception that are often an attack vector too.
- Hackers: Hackers/crackers are a formidable attack vector because, unlike ordinary malicious code, people are flexible and they can improvise. Hackers/crackers use a variety of hacking tools, heuristics, and social engineering to gain access to computers and online accounts. They often install a Trojan Horse to commandeer the computer for their own use.
- Heedless guests (attack by webpage): Counterfeit websites are used to extract personal information. Such websites look very much like the genuine websites they imitate. Users may think they are doing business with someone they trust. However, they are really giving away their personal information, like address, credit card number, and expiration date. Counterfeit websites are often used in conjunction with Spam, which gets the user there in the first place. Pop-up webpages may install Spyware, Adware or Trojans.
- Attack of the worms: Many worms are delivered as E-Mail attachments, but network worms use holes in network protocols directly. Any remote access service, like file sharing, is likely to be vulnerable to this sort of worm. In most cases, a firewall will block system worms. Many of these system worms install Trojan Horses. Next they begin scanning the Internet from the computer they have just infected, and start looking for other computers to infect. If the worm is successful, it propagates rapidly. The worm owner soon has thousands of “zombie” computers to use for more mischief.
- Malicious macros: Microsoft Word and Microsoft Excel are some of the examples of applications that allow macros. A macro does something like automating a spreadsheet, for example. Macros can also be used for malicious purposes. All Internet services like instant messaging, Internet Relay Chat (IRC), and P2P file-sharing networks rely on cozy connections between the computer and the other computers on the Internet. Anyone using P2P software has a system that is more vulnerable to hostile exploits.
- Foistware (sneakware): Foistware is software that adds hidden components to the system on the sly. Spyware is the most common form of foistware. Foistware is quasi-legal software bundled with some attractive software. Sneak software often hijacks your browser and diverts you to some “revenue opportunity” that the foistware has set up.
- Viruses: These are pieces of malicious computer code that hitch a ride and make up the payload. Nowadays, virus vectors include E-Mail attachments, downloaded files, worms, etc.
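
For the E-Mail attachment and malicious macro vectors above, a mail gateway can inspect attachment content instead of trusting the file name. The following is an added example, not part of the original article: it flags Office Open XML attachments that carry a VBA project even when the extension says otherwise. The message, file names and function names are constructed, and legacy binary .doc/.xls files are out of scope.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def make_ooxml(with_macro: bool) -> bytes:
    """Constructed stand-in for a Word file: a zip with the usual member names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        if with_macro:
            # Placeholder bytes only; macro-enabled files store VBA in this member.
            z.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

def make_message() -> bytes:
    """Constructed sample e-mail with three attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see the attached files.")
    samples = [("report.docx", make_ooxml(False)),
               ("invoice.docx", make_ooxml(True)),   # macro hidden behind .docx
               ("notes.txt", b"plain text, not a zip")]
    for name, data in samples:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

def macro_attachments(raw: bytes) -> list:
    """Return file names of attachments whose zip content holds a VBA project."""
    msg = message_from_bytes(raw, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        data = part.get_content()
        if not isinstance(data, bytes) or not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                names = z.namelist()
        except zipfile.BadZipFile:
            continue  # corrupt archive: leave it to other gateway checks
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            flagged.append(part.get_filename())
    return flagged

if __name__ == "__main__":
    print(macro_attachments(make_message()))
```
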