A cybercriminal’s approach is complex. They want to gain access to your network, and they have multiple ways of doing so. An attack vector could be a virus sending out emails that look like invoices from companies you have worked with but are malicious attachments. Another possibility would involve gaining root privileges on your device through malware. Attack surfaces can include any location within their chosen network where vulnerabilities exist allowing them temporary control over devices connected into it. This could be computers running outdated versions of Windows that have never been patched, routers without up-to-date firmware downloaded and installed, which leaves users vulnerable.
The list of attack vectors is extensive, with creative ways to steal information and access private networks. It is not just one or two common techniques that cybercriminals use. It is many intricate methods which they have found over time. Such as cleverly devising these attacks through various means. They could plant malware on your computer without you ever knowing when visiting malicious websites (a practice called “drive-by download”). Other times an exploit may be used. An error within code where something goes wrong during execution but still leads back into the program itself.
Common Attack Vectors
· DDoS Attack
A DDoS attack is a Distributed Denial of Service. This means that an absurd number of Internet Protocol (IP) address requests are sent to flood the targeted network with traffic and overload it. This is done often on purpose just for fun, or as revenge.
· Email Fraud
Social engineering is a form of manipulation that involves pretending to be someone you are. This is to trick people into giving up personal
information or doing something they would not normally do. Social engineers will often use email fraud as one way they can get what they want from their victims.
· Man-In_The_Middle Attack
Man-in the middle attacks are a type of eavesdropping attack that often involves an insider trying to listen in on communications between two parties. Once this has been accomplished, both counterparties will exchange encrypted keys according to some agreed upon algorithm.
· IoT Device Hack
The Internet of Things (IoT) device hack is gaining access to a smart phone, computer, or other Internet-connected gadgets for various purposes.
Phishing is a type of social engineering that involves phone calls and emails to gather vital information from people. The idea can be as simple as an email asking someone for their banking login, which could then put them at risk by thieves.
· Unsecure Wi-Fi Connection
Many people do not know that they can be tracked by hackers when using a Wi-Fi connection. This is because the information being sent over these networks is not encrypted, which means it could potentially be eavesdropped on for any reason.