Abstract
An attack vector is a technique by which a threat actor, hacker, or attacker gains access to a system, application, or resource to perform malicious activity. This can include everything from installing malware, altering files or data, or even some form of persistent reconnaissance. Attack vectors enable threat actors to exploit system vulnerabilities, poor configurations, and introduce items like stolen credentials to compromise a system. Attack vectors can include human elements in the form of deception, social engineering, and even include physical traits like fake identification badges. Attack vectors can consist of malware, malicious emails, infected web pages, text messages, social engineering, and many other forms of deception. All of these methods involve intentionally coding software to create a programmatic attack vector (except social engineering) to leverage a resource for malicious intent.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Digital Identity Guidelines—https://pages.nist.gov/800-63-3/
- 2.
Breaking up with obsolete cybersecurity practices—www.beyondtrust.com/blog/entry/breaking-up-with-obsolete-cybersecurity-practices
- 3.
Morey J. Haber and Darran Rolls, Identity Attack Vectors (Apress, 2020); Morey J. Haber and Brad Hibbert, Asset Attack Vectors (Apress 2018).
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Morey J. Haber
About this chapter
Cite this chapter
Haber, M.J. (2020). Attack Vectors. In: Privileged Attack Vectors. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-5914-6_4
Download citation
DOI: https://doi.org/10.1007/978-1-4842-5914-6_4
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-5913-9
Online ISBN: 978-1-4842-5914-6
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books