Subscribe to Cyber Resilience Insights
Get the latest cybersecurity news, analysis and tips delivered to your inbox every week.
Budding authors and journalist are taught the difference between active and passive voice in first year writing classes. They understand that active is about “doing” and passive is about “observing.” These techniques can also be applied to cybersecurity as it relates to attack vectors.
According to SearchSecurity a cybersecurity “attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.” Attack vectors come in two flavors: active and passive.
TechTarget defines an active vector attack as “a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.” The three most common active cyberattack vectors include:
TechTarget defines a passive vector attack as “a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target.” The three most common passive cyberattack vectors include:
Attacks that target a mobile device or machine or even a person directly are considered host-based cyberattack vectors. The three most common host-based cyberattack vectors include:
The best way to prevent active, passive and host-based cyberattack vectors is a solution that works on your behalf, 24/7. Selected technologies must evaluate every line of code, making well documented evasion techniques ineffective. It should be agnostic to file type, client-side application type, or the client operating system used within the organization. It should provide protection regardless of operating system, CPU architecture and function (client, server) of the targeted machine.
Check out this whitepaper on an evasion-proof approach against modern cyberattacks that can be a CISO’s best tool in the war on cybercrime. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.
Get all the latest news, tips and articles delivered right to your inbox
You will receive an email shortly