Top 6 Threat Vectors

As we progress into the 2023 year, many Cyber pundits have now made their predictions as to what this year will look like on the cyberattack landscape. Some of the most feared hacks are on critical infrastructure, such as our water supply, oil, and natural gas pipelines, nuclear facilities, electric power grid, etc. While any attack on these systems will have cataclysmic-like effects, it is important to remember that the threat vectors used for these attacks have roots dating all the way back to the simplest attack structures, dating back to the 1990s. 

In this article, we review some of the oldest payloads, and how they are still making an impact today. 

The Oldies But The “Goodies”: 

This is deemed to be one of the oldest threat vectors out there. It was actually conceived in the early 1990s and got its name by about the middle of the decade. The first major Phishing attack occurred a few years later, on the platform commonly called AOL, where quite a number of customer records were heisted. Since then, it has evolved into a very powerful way to trick an unsuspecting victim into giving up their private information, either by clicking on a malicious link or downloading an executable file that contains the malicious payload. During this timeframe, .XLS, .DOCX, and .PPT file types have been “picked on” the most. But now, hundreds of other file extensions are being exploited, so it is almost impossible to tell what is legitimate and what is fake. 

This is a term that has not been used in a while because we are so inundated with the new technojargon that is coming out on an almost daily basis. Worms are a piece of malware that can self-propagate without any kind of human intervention. This simply means that if your computer or wireless device is infected with a worm, it can be used as a host that can transmit to other hundreds, or even thousands, of devices in just a matter of a few minutes. So, although this kind of attack is barely even heard of anymore, it's still lurking, and can impact you when you least expect it. 

The good news about this threat is that it is a self-contained kind of malware. Meaning, it can only affect you locally and cannot spread like a worm. However, in some ways, it can be even deadlier. Viruses come primarily from Phishing emails. But once it is downloaded, the damage is done. For example, it can mess with your boot up sequence on your computer, attach itself to different partitions on the hard drive, or even covertly install a keylogging software that can record your keystrokes and send them back to the cyberattacker so that they can build a profile on you. The only way a virus can usually spread is if you stick a USB drive into your computer and give that to somebody else to install onto their own device. 

We still hear about this from time to time, and it can be considered as old as Phishing. Remember us telling you not to download any pop ads in a web browser or any other form of enticing ads that come up? Well, there is a reason for that. Most likely this is a Trojan Horse. It may be innocent looking to download, but in the background, it is really malware. Once this is downloaded, the Cyberattacker will inject their code into your computer or wireless device that will give them remote access to it. So, while you may be thinking that you are getting special deals on stuff, the truth of the matter is that the cyberattacker is already inside, stealing your usernames and passwords, banking and credit card information, etc. 

This does not come from a Phishing email, but rather happens when the cyberattacker launches an incredible amount of useless data packets to a server. The idea here is to slow down the computing and processing power of the server to a point so that it is literally brought to its knees and cannot deliver any more services. A good example of this is a web server. If it is bombarded by too many data packets all at once, either your website will be too slow to load, or it may be inaccessible for quite some time. When multiple servers are targeted, this becomes known as a Distributed Denial of Service (DDoS) attack. The DDoS attack is the most prevalent form of it today. But the good news here is that ISPs are always on the watch for any potential attacks like these, and if anything is detected, they will move in quickly to mitigate any risks. 

This threat variant has also been around for a long time, and in fact, it has origins in Phishing. It made its landmark in terms of significant security breaches when the COVID-19 pandemic first began, and the worst of it came in 2021, when just about everybody was getting hit by some type of ransomware. There were attacks all the way from Critical Infrastructure to our healthcare system. But Ransomware has become far worse now, as it has now evolved into extortion-like attacks, where the cyberattacker makes threats about releasing to the public any stolen information and data, unless they are paid a ransom, usually in Bitcoins. Unfortunately, paying the ransom does not guarantee that the cyberattacker will provide the decryption key and release your data.  

Conclusions 
Our next article will review some of the newer forms of threat vectors, one of them being Deepfakes.