The cyber criminal’s ongoing goal is to gain unauthorized access to your computer and data. Hackers are constantly trying to find ways to capture your data, use your credit cards and break into your company’s infrastructure.
And to show that this is a problem for everyone and not just for users, attacks on the supply chain have risen by more than 300% in the last year, and 66% of them came from malicious files (malware), which are one of the biggest threats and part of the alarming landscape of threat vectors (or attack vectors).
Threat Vector – What is it?
A threat vector is the set of methods and means that attackers use as an entry point for unauthorized access and for exploiting vulnerabilities and flaws with malicious intent. In general, this process requires a lot of initial study by the attacker, who must gather a great deal of information to understand the target’s context before carrying out the attack.
Using Threat Vectors, hackers can steal sensitive and confidential data, gain unauthorized access, spy on a target, infect the system with malware or erase all data from a company with powerful ransomware.
Why and how threat actors exploit these vectors
The worldwide increase in cyber-attacks is mostly driven by financial motives, but not entirely. From the beginning, it has been very common to identify attacks carried out by hacktivists, attacks motivated by political ideology, and attacks sponsored by states and nations.
Another common motivation for attacks is access to credentials or sensitive information such as personal identification, bank details, and images/selfies in order to carry out financial fraud.
That is why it is common to say that an attack on a system can be active (when there is a direct attempt to affect the system, infrastructure or operation) or passive (when the intrusion does not change the system, even though it is exploited).
The most common Threat Vectors
A data breach, for example, costs corporations an average of $4.5 million. Given that threat vectors are the entry point for data breaches and so many other threats, containing these attacks as much as possible can help prevent other large-scale attacks. However, to mitigate the risks, it is necessary to know them. That’s why we’re going to talk about some of the most common threat vectors and their exploits below.
● Social Engineering
Social engineering refers to manipulating third parties through false information and deceptive behavior. In this type of approach, the victim commonly discloses sensitive information such as bank details or clicks on a malicious URL sent through spear phishing.
Phishing is the most common online form of social engineering nowadays. It is basically a fake web page that exists, among other purposes, so that attackers can extract information from victims, such as bank and credit card details, access credentials for personal and corporate accounts, and personal data, among others.
Other forms of Social Engineering involve smishing, tailgating, and vishing, among others.
● Compromised and Weak Credentials
Credentials are critical assets for users and companies, and they can be easily captured through database leaks, malware infection, phishing, and many other ways.
Once captured, they are commonly sold or, mainly, used to gain unauthorized access to applications, systems, devices, and networks. That’s why it’s important to avoid password reuse and keep 2FA enabled on all corporate and personal accounts.
● Malicious attachments (drive-by Download)
Email attachments are also widely used in attacks, especially those involving Malware and Ransomware. There are several threat actors automating the sending of emails with malicious attachments that, when executed, can compromise your data and even the infrastructure of giant companies.
Because people are easily coerced into clicking on attachments in social engineering attempts like these, scammers often use techniques to make the email look very much like a genuine one and gain initial access.
Once the malware has initial access, the attacker can, for example, capture credentials saved in the victim’s browser (such as with a keylogger) or apply lateral movement techniques in a corporate environment and compromise the entire network (such as with a Trojan or ransomware).
Vulnerabilities present in unpatched and/or outdated software can be exploited and used by attackers for credential theft, improper access, code manipulation, malware infection, 0-day attacks, and countless other purposes.
A very common example is remote access to personal or corporate machines through RDP vulnerabilities that can easily be corrected by updating the software.
● Supply Chain
You are not 100% safe if your partner or third-party vendor is not, as this is a very common means of attack among threat actors and accounts for a large portion of malware attack victims and unauthorized access.
How to protect yourself from these threats
As threat vectors increase, it is up to us to identify the various layers of protection against an attack. But to stay ahead of the threat actors, it is essential to have a good awareness of common security scenarios and apply the best practices recommended by professionals to ensure greater data protection.
As a rule, the answer to threats is a combination of several layers of security: good practices and a good risk management program, combined with software that monitors for and blocks attacks, are great weapons against attackers. Fortinet, for example, is one of the major suppliers and partners of companies and users in this mission and provides Antivirus options, SIEM, Cloud Protect, and a whole portfolio focused on supporting companies in the challenge of becoming resilient against a wide spectrum of threats.
There are several initial good practices that can be applied by users and companies that help with risk management:
● Raising personnel and employee awareness of common threat and attack vectors
● Implementing strong passwords and using 2FA
● Investing in security teams and threat monitoring and blocking software
● Keeping software, hardware, and firmware up to date against vulnerabilities
● Protecting email using anti-spam filters and settings
As already mentioned, protecting yourself and protecting your assets or your company involves not only combating threat vectors but mainly understanding their context, where they come from, how and why they succeed in initial access, and what consequences these malicious behaviours can cause.
With the constant increase in our attack surface, it becomes increasingly difficult to know everything, but knowing the most common vectors is a good start to taking actions that make your day-to-day and your data safer. With Securus, it is possible to find security solutions with the most varied focuses to meet your needs and budget.