Attack vector (cybersecurity)

An attack vector is a sequence of actions or a means for obtaining unauthorized access to a secure information system ^[1] .

As possible vectors of attack on sensitive data, social engineering methods, exploiting known vulnerabilities of the operating system and applications, installing malicious code (for example keyloggers ) on users' workstations with access rights, etc. can be used. As a rule, the attack vector is not the only one , different attack vectors are not mutually exclusive, and the choice of a particular attack vector depends on the motivation and qualifications of the attackers, who most often rely on the most familiar and proven Wren methods. For example, cybercriminals with code development skills can rely on the creation and use of special software, hackers and crackers - on receiving information about user authentication methods (which are usually passwords), etc.

It has been noted that in recent years, the number, complexity and sophistication of observed cyber attacks has increased dramatically. Nevertheless, defects and vulnerabilities of modern operating systems of almost all types of Windows , Mac OS and Unix remain one of the dominant “suppliers” of vectors for attacking sensitive data. In addition to them, for remote access to databases with valuable information, the possibilities of manipulating SQL queries with the implementation of SQL code are also actively exploited. Often, emails with embedded hacker code, network phishing schemes, computer worms for searching and evaluating vulnerabilities, text documents with built-in macros that infect the system environment, DDOS attacks , etc. are often used as well. The goals and objectives of an attacker are greatly simplified if there are open ports on the victim’s computer, weak passwords are used for authorization, there is no firewall setting, etc. ^[2]