3. Security Threats and Attack Vectors
“In this article, we will see some Threats and Attack Vectors which are affecting low to high-level security levels.”
There are various categories of Information security threats, such as network threats, host threats, and application threats, and various attack vectors, such as viruses, worms, botnets, that might affect an organization’s information security.
This section Introduces you to the motives, goals, and objectives of Information security attacks, top Information security attack vectors, Information security threat categories, and the types of attacks on a system.
Also Read: Information Security Overview
Motives, Goals, and Objectives of Information Security Attacks
Attackers generally have motives (goals), and objectives behind information security attacks. A motive originates out of the notion that a target system stores or processes something valuable, which leads to the threat of an attack on the system.
The purpose of the attack may be to disrupt the target organization’s business operations, to steal valuable information for the sake of curiosity, or even to exact revenge.
Therefore, these motives or goals depend on the attacker’s state of mind, his/her reason for carrying out such an activity, as well as his/her resources and capabilities.
Once the attacker determines his/her goal, he/she can employ various tools, attack techniques, and methods to exploit vulnerabilities in a computer system or security policy and controls.
Attacks = Motive (Goal) + Method + Vulnerability
Also Read: The Security Triangle (Security Model)
Top Information Security Attack Vectors
- Cloud Computing Threats
- Advanced Persistent Threats (APT)
- Viruses and Worms
- Mobile Threats
- Insider Attack
- Web Application Threats
- IoT Threats
Information Security Threats are categories in mainly in three types of information security threats
- Network Threats
- Host Threats
- Application Threats
Network Threats: A network is the collection of computers and other hardware connected by communication channels to share resources and information.
- Information gathering
- Sniffing and eavesdropping
- Session hijacking
- Man-in-the-Middle attack
- DNS and ARP poisoning
- Password-based attacks
- Denial-of-Service attack
- Compromised-key attack
- Firewall and IDS attack
Also Read: What Is Honeypot? Trap For Hackers !!
Host Threats: Host threats target a particular system on which valuable information resides. Attackers try to breach the security of the information system resource.
- Malware attacks
- Password attacks
- Dental-Of-Service attacks
- Arbitrary code execution
- Backdoor attacks
- Unauthorized access
- Physical security threats
Application Threats: Applications can be vulnerable if proper security measures are not taken while developing, deploying, and maintaining them. Attackers exploit the vulnerabilities present in an application to steal or destroy data.
- Improper data/Input validation
- Hidden-field manipulation
- Authentication and authorization
- Broken session management attacks
- Buffer overflow issues
- Security misconfiguration
- Improper error handling and exception disclosure
- Cryptography attacks
- SQL Injection
Also Read: Hack Phone Calls, Whatsapp to read messages without touching the user phone(SS7)2019
Note: If you need more information in dept about any term you can comment below we will help you soon.
9 thoughts on “3. Security Threats and Attack Vectors”
I have recently started a blog, the information you offer on this web site has helped me greatly. Thank you for all of your time & work.
Love watching sunset every night 1
I truly appreciate this blog article.Much thanks again. Really Cool.
“This website really has all of the info I wanted about this subject and didn’t know who to ask.”
Like!! Thank you for publishing this awesome article.
Tremendous things here. I’m very glad to see your article.
Thanks a lot and I am having a look ahead to touch you. Will you kindly drop me a e-mail?
There is definately a lot to find out about this issue.
I love all of the points you have made.
We’re a group of volunteers and opening a new scheme in our community.
Your site offered us with valuable information to work on. You’ve done an impressive job and our entire community will be thankful to you.
I enjoy what you guys are up too. This type of clever work and reporting!
Keep up the very good works guys I’ve included you
guys to my personal blogroll.