Threat Vectors and Attack Surfaces Flashcards
What’s the difference between a threat vector and an attack surface?
A “threat vector” refers to the broader pathway or method an attacker might use to gain access to a system, including the environment and context of the attack, whereas an “attack vector” is the specific technique or means used to exploit a vulnerability within that pathway to launch an attack.
What is a threat vector?
The method or pathway that a cybercriminal uses to gain initial access to a victim’s network or system, essentially describing the “way in” for an attacker; it is often used interchangeably with the term “attack vector”.
What is an attack surface?
An attack surface refers to the sum of all the points where a threat actor could potentially exploit vulnerabilities in a system, application, or network. It encompasses all the entry points, interfaces, and interactions that might be susceptible to attack.
What are some types of threat vectors?
Phishing, Malware, Social Engineering, Zero-Day Exploits, Denial-of-Service (DoS) Attacks, Insider Threats, Supply Chain Attacks, Man-in-the-Middle (MitM) Attacks, Brute Force Attacks, Physical Attacks
What are some examples of attack surfaces?
Network Interfaces, Software Interfaces, User Inputs, Third-Party Integrations, External Devices
What is social engineering in cybersecurity?
Social engineering in cybersecurity refers to a manipulative technique employed by cybercriminals to exploit human psychology and behavior in order to gain unauthorized access to systems, sensitive information, or resources.
What is spear phishing?
Spear phishing elevates the precision of a phishing attack. In this targeted approach, cybercriminals focus on specific individuals or groups. The phisher tailors their deceptive communication to exploit the unique characteristics of their targets, making the attack more convincing and increasing the likelihood of success.
What is whale phishing (Whaling)?
Whale phishing, a specialized form of spear phishing, sets its sights on high-level executives or individuals with privileged access to sensitive information. This type of attack is characterized by its personalized nature, often presenting itself as an email from a trusted source, such as a CEO or CFO.
What is typically the four-stage process of phishing?
1) Reconnaissance 2) Spear crafting 3) Delivery 4) Exploitation
What is vishing (Voice Phishing)?
Use of voice communication, such as phone calls, to impersonate trusted entities and manipulate victims into revealing sensitive information.
What is Smishing (SMS Phishing)?
Similar to phishing but uses SMS or text messages to deceive recipients into clicking on malicious links or sharing personal data.
What is misinformation in phishing attacks?
Spreading false or misleading information to manipulate individuals into making decisions that benefit the attacker.
What is impersonation in phishing attacks?
Pretending to be someone else to deceive individuals and gain unauthorized access.
What is a Business Email Compromise (BEC)?
A type of attack where cybercriminals compromise business email accounts to conduct fraudulent activities.
What is Multi-Factor Authentication (MFA)?
Implementing MFA adds an additional layer of security, mitigating the impact of compromised credentials even if obtained through a phishing attack.