Everything You Wanted to Know About Attack Vectors
An attack vector is the pathway an attacker uses to reach the target. At home we reinforce doors and windows because they are the weak points through which intruders get in, and some buildings add cameras and motion sensors to deter or detect attacks. Understanding attack vectors serves the same purpose: it shows where vigilance and preventive measures are needed. The fluid nature of the internet means new vectors appear daily, but most are iterative improvements on old ones, and the patterns are recognisable to anyone who knows the threats. The goal of this post is to raise the reader's awareness so that both old and future attack vectors are easier to recognise, making it easier to stave off attacks by avoiding the mistakes that enable them.
Compromised user credentials: A username and password is still the most common form of credential on the internet today. In many organisations the username follows a known pattern, such as the user's email address or a uniformly formatted employee code, so usernames are effectively public. Passwords are the real weakness. Most people reuse them across services and build them from an easily guessed formula (a dictionary word, a capital letter, a year and an exclamation mark), which makes them easy prey for dictionary attacks, and reuse means a password leaked from one breached site unlocks accounts everywhere else. Length matters more than sprinkling in numbers and symbols: a long passphrase that does not follow a common formula resists both guessing and brute force. Never reuse a password across services, use a password manager to make that practical, and enable 2FA wherever it is available.
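To make the "easily guessed formula" concrete, here is an added example (written for this post, not code from the original) of the rule-based dictionary attack a cracker runs against leaked password hashes, and of reusing the same guess generator to screen new passwords at signup. The wordlist, the mangling rules and the three "leaked" accounts are constructed for the example; a real attack uses wordlists of millions of breached passwords and thousands of rules, but the shape is identical.

```python
import hashlib

# Constructed wordlist and rules for this example. A real cracker such as
# hashcat or John the Ripper uses wordlists of millions of leaked passwords
# and thousands of mangling rules; the shape of the attack is the same.
WORDLIST = ["password", "welcome", "summer", "dragon", "letmein"]
SUFFIXES = ["", "1", "123", "!", "1!", "2024", "2024!"]
LEET = str.maketrans({"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"})


def candidates(wordlist=WORDLIST):
    """Yield the guesses a rule-based cracker tries first: each word with
    common case changes, leetspeak substitutions and popular suffixes."""
    for word in wordlist:
        bases = (word, word.capitalize(), word.upper(),
                 word.translate(LEET), word.capitalize().translate(LEET))
        for base in bases:
            for suffix in SUFFIXES:
                yield base + suffix


def sha256_hex(password):
    # Unsalted SHA-256, as found in many leaked databases. A salted, slow
    # hash (bcrypt, Argon2) makes each guess cost more but does not rescue a
    # password that appears early in the candidate list.
    return hashlib.sha256(password.encode()).hexdigest()


def crack(hashes, wordlist=WORDLIST):
    """Return {hash: password} for every hash matched by a candidate guess."""
    targets = set(hashes)
    found = {}
    for guess in candidates(wordlist):
        digest = sha256_hex(guess)
        if digest in targets:
            found[digest] = guess
            if len(found) == len(targets):
                break
    return found


def is_guessable(password, wordlist=WORDLIST):
    """Reject a proposed password if the cracker above would produce it.
    The same generator that attacks a password can screen it at signup."""
    return any(password == guess for guess in candidates(wordlist))


if __name__ == "__main__":
    # Constructed "leaked" credential dump: three users, unsalted hashes.
    leaked = {
        "alice": sha256_hex("Summer2024!"),
        "bob": sha256_hex("Dr@g0n1"),
        "carol": sha256_hex("correct horse battery staple"),
    }
    recovered = crack(leaked.values())
    for user, digest in leaked.items():
        print(f"{user}: {recovered.get(digest, '<not cracked>')}")
```

Alice's "Summer2024!" and Bob's "Dr@g0n1" both satisfy a typical "uppercase, digit, symbol" complexity rule and both fall to 175 guesses; Carol's long passphrase is never generated. That is the reason to screen against breached-password and rule-generated lists rather than to count character classes.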
Malicious insiders: The enemy within is often more dangerous than the adversary at the gate. Malicious insiders can exist in any organisation. Sometimes they are disgruntled employees or contractors; other times the damage is done through an honest mistake rather than malice. Whatever the motive, they are difficult to prevent because they already hold legitimate access. The best defence is close monitoring of systems combined with least privilege: everyone gets only the access their role requires, so a careless or malicious account can do limited damage. A driver has no business with the cooking pot.
Phishing: The word is a deliberate respelling of "fishing", and the meaning is the same: bait is cast and the attacker waits for a bite. An attacker uses social engineering to trick unsuspecting people into taking actions they would not otherwise take. A malicious link in an email dressed up to look as if it came from a legitimate organisation is the classic example; in other cases the attacker phones, pretending to have a legitimate reason to ask for sensitive information. Phishing is so effective that even experienced technologists still fall for it. Mitigating it is hard. Do not open attachments you were not expecting. Do not follow links you cannot verify; hover over a link to see where it really points and compare that domain with the one you expect. Double and triple check before divulging sensitive data, and if an offer seems too good to be true, it probably is.
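The "check where the link really points" advice can be automated. The following is an added example, not code from the original post, that extracts every link from an email body and flags the three tricks phishing mail relies on: the displayed text names one domain while the href goes to another, a trusted domain is buried as a subdomain of the attacker's domain, and a typosquat or punycode lookalike of a trusted domain. The trusted-domain allowlist and the sample email are constructed for the example; the two-label "registrable domain" shortcut is an assumption that holds for the .com-style domains used here (a real tool would consult the public suffix list).

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist: the domains this recipient genuinely does business with.
TRUSTED_DOMAINS = {"example-bank.com", "example.com"}

# Constructed phishing email body (assumption: a real check would take the
# HTML part of the message as delivered).
SAMPLE_EMAIL = """
<p>Your account is locked. Restore access at
<a href="http://example-bank.com.verify-login.example/reset">https://example-bank.com/reset</a></p>
<p>Or sign in to <a href="https://examp1e-bank.com/">our secure portal</a>.</p>
<p>Unsubscribe <a href="https://example.com/unsubscribe">here</a>.</p>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, displayed text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    # Last two labels; good enough for the .com-style domains used here.
    # A real tool would use the public suffix list instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to spot typosquats such as examp1e-bank."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(host):
    """Return a reason string if host impersonates a trusted domain, else None."""
    h = host.lower().rstrip(".")
    if "xn--" in h:
        return "punycode (IDN homograph) hostname"
    reg = registrable(h)
    if reg in TRUSTED_DOMAINS:
        return None
    for trusted in TRUSTED_DOMAINS:
        if h.startswith(trusted + ".") or ("." + trusted + ".") in h:
            return f"trusted domain {trusted} used as a subdomain of {reg}"
        if edit_distance(reg.split(".")[0], trusted.split(".")[0]) <= 2:
            return f"{reg} is within two edits of {trusted}"
    return None


def analyze_links(html):
    """Return [(href, [reasons])]; an empty reason list means nothing suspicious."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        url = urlparse(href)
        host = url.hostname or ""
        reasons = []
        if url.scheme != "https":
            reasons.append(f"non-https scheme {url.scheme!r}")
        # Displayed text looks like a URL: does it point where it claims?
        if re.match(r"^(https?://)?[\w.-]+\.\w+", text):
            shown = urlparse(text if "://" in text else "https://" + text).hostname or ""
            if registrable(shown) != registrable(host):
                reasons.append(f"text shows {shown} but link goes to {host}")
        reason = lookalike(host)
        if reason:
            reasons.append(reason)
        findings.append((href, reasons))
    return findings


if __name__ == "__main__":
    for href, reasons in analyze_links(SAMPLE_EMAIL):
        print(href, "->", reasons or ["ok"])
```

On the sample, the first link is flagged three times (plain http, text/href mismatch, trusted domain used as a subdomain), the second once (one edit away from example-bank.com) and the genuine unsubscribe link not at all. These are heuristics for triage rather than a verdict: a link that passes them can still be malicious, which is why the advice to verify before acting still stands.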
Vulnerabilities: Attackers are constantly looking for new ways into systems. As security experts close the known paths, attackers search for newer, more sophisticated and less detectable ones. It is wise to act as if whatever system is in use is vulnerable, because someone may already have found a zero-day: a vulnerability unknown to the vendor and to defenders, for which no patch or detection yet exists. A zero-day is valuable to an attacker precisely because no protective measures are in place to prevent or detect its use; once a vulnerability is discovered and disclosed, defenders research it and put mitigations in place. A good habit is to keep applications updated, since the majority of updates are security fixes for known vulnerabilities. For critical systems, test updates in a sandboxed staging environment first to avoid disruptive incompatibilities, but do not let that testing delay patching indefinitely.
Misconfiguration: This vector is closely related to vulnerabilities, and the processes for mitigating them often overlap. A badly configured device can hand access to attackers. A common example is leaving unused ports or services enabled. Because nobody uses them, nobody monitors them, so strange activity on them goes unnoticed; and when a vulnerability is found in such a service, patching it is rarely a priority because it is not in use. Keep unused ports and services disabled, and review and update configurations regularly as new issues are discovered. For critical systems, test configuration changes in a sandboxed environment first to prevent unpleasant surprises.
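Finding the forgotten listeners is the first step. Here is an added example, not code from the original post, that parses a listening-socket table in the shape of `ss -tlnp` output and reports every service reachable from the network that an allowlist does not expect, including the case where an expected port is owned by the wrong process. The socket table and the allowlist are constructed for the example; on a real host you would feed in the command's actual output and the policy for that host.

```python
import re

# Constructed listening-socket table in the shape of `ss -tlnp` output.
# Assumption: on a real host you would feed in the command's actual output.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       4096    127.0.0.1:5432       0.0.0.0:*          users:(("postgres",pid=1201,fd=5))
LISTEN  0       511     0.0.0.0:6379         0.0.0.0:*          users:(("redis-server",pid=1310,fd=6))
LISTEN  0       4096    *:9200               *:*                users:(("java",pid=1422,fd=210))
LISTEN  0       128     [::]:22              [::]:*             users:(("sshd",pid=812,fd=4))
"""

# Assumed policy for this host: the only services allowed to listen on a
# network-reachable address, keyed by port, with the process expected to own it.
ALLOWED_EXPOSED = {22: "sshd", 443: "nginx"}
LOOPBACK = {"127.0.0.1", "::1"}


def parse_ss(output):
    """Turn ss -tlnp style lines into dicts of host, port and owning process."""
    rows = []
    for line in output.strip().splitlines()[1:]:
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, port = fields[3].rsplit(":", 1)
        # Process column is only present when ss runs with enough privilege.
        match = re.search(r'\("([^"]+)"', line)
        rows.append({
            "host": host.strip("[]"),
            "port": int(port),
            "process": match.group(1) if match else "?",
        })
    return rows


def audit(rows, allowed=ALLOWED_EXPOSED):
    """Report every network-reachable listener that policy does not expect."""
    findings = []
    for row in rows:
        if row["host"] in LOOPBACK:
            continue  # bound to localhost only; not reachable from the network
        expected = allowed.get(row["port"])
        if expected is None:
            findings.append(
                f"port {row['port']} ({row['process']}) listens on {row['host']} "
                "but is not in the allowlist: disable the service or bind it to 127.0.0.1")
        elif expected != row["process"]:
            findings.append(
                f"port {row['port']} should be served by {expected} but {row['process']} owns it")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_ss(SAMPLE_SS)):
        print(finding)
```

On the sample, the Redis listener on 6379 and the search service on 9200 are reported because they are bound to every interface without being in the allowlist; PostgreSQL on 5432 is not, because it only listens on loopback. Run the audit from a scheduled job and diff its output against the last run, so a service that quietly starts listening shows up the day it appears rather than the day it is exploited.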
Failing to meet these basic requirements, and to make sure the vectors above are not potent in your environment, opens the door to attacks such as ransomware, distributed denial of service (DDoS), SQL injection, cross-site scripting (XSS), session hijacking, man-in-the-middle (MITM), brute force, trojans, worms, viruses and other malware, and code injection, along with the many other problems that follow from being vulnerable. Prevention is always better than cure, and doing something is always better than doing nothing.