Chapter 1 - 02 - Define Threat Actors_Agents - 03_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Threat Vectors Exam 212-82 A threat vector is a medium through which an attacker gains access to a system by exploiting identified vulnerabilities ®e©00 Direct access Removable media Wireless Email ©60-606 Threat vectors used by malicious actors Cloud Ransomware/malware Supply chain Business partners L All Rights Reserved. Reproduction is Strictly Prohibited Threat Vectors A threat vector is a medium through which an attacker gains access to a system by exploiting identified vulnerabilities. It is the path that attackers take to enter an organization’s network. Threat vectors can be exploited by numerous entities such as disgruntled employees, malicious hackers, and potential competitors to gain access to the systems of an organization and thereby disrupt services, access sensitive information, or steal technology. Discussed below are some of the important threat vectors used by malicious actors. = Direct access: Through direct access, the attacker gains physical access to the target system and performs malicious activities, which include modifications to the operating system and the installation of various types of programs such as keyloggers and software worms. Attackers can also download large amounts of data into backup media or portable devices. = Removable media: Devices such as USB drives, phones, and printers can become a threat vector when plugged into an organization’s system or network. These devices might contain malware that run automatically on the host system to steal or corrupt critical files. Detecting and preventing data leakage through removable media can be difficult. = Wireless: A corporate device implementing an unsecured wireless hotspot can be compromised along with the internal network. Attackers may use tools to crack the authentication credentials of a corporate wireless network or spoof a trusted access point to gain access to the target network. = Email: Attackers use email as a vector to perform various phishing malicious attachments to compromise the target. Attackers attempt Module 01 Page 17 attacks with to trick the Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Exam 212-82 employees of an organization to click on malicious links and attachments that are sent through emails to infect their system with malware or to gather sensitive information. = Cloud: Attackers inject malware into cloud resources to gain access to user information. They can add a service implementation module to SaaS, PaaS, or a virtual machine instance to deceive a cloud system. The user’s requests will then be redirected to the attacker’'s module or instance, which initiates the execution of malicious code. Alternatively, attackers find user accounts with weak credentials and exploit them to gain access to the target cloud services/data. = Ransomware/malware: the target system to Attackers can take advantage of unpatched vulnerabilities in inject ransomware. Furthermore, including Trojans, adware, and file-less malware infiltrate the target organization. can various types be employed of malware by attackers to = Supply chain: Using this threat vector, the attacker attempts to compromise the target by exploiting vulnerabilities in the resources supplied by a third-party vendor. The attacker takes advantage of these vulnerabilities to introduce malicious payloads and bypass endpoint security devices/solutions. = Business partners: Third-party organizations can emerge as a threat vector to an organization. Attackers can use supply-chain attacks to gain access to the customers’ information. Organizations must introduce cybersecurity best practices and demonstrate mutual transparency to mitigate this risk. Module 01 Page 18 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.