How the BAD GUYS Get In: 22+ CyberAttack Vectors



by Lauren Cahn

Cyber attacks increasingly threaten businesses, and the attack vectors continue to proliferate even as we speak. Here are 22 (and counting) you’ll want to consider right now:


Malware

Malware is any malicious code introduced into a computer system for the purpose of compromising the system’s integrity. Malware can steal or delete system data outright, modify system functionality, hijack systems for the purpose of extracting financial ransom, and even track the activities of system users. Malware attacks, which account for at least 28% of all data breaches [1], can be introduced into a system via:

  • The installation of software and system patches by a system user or administrator
  • Malicious websites accessed by system users
  • Emails containing malicious attachments intended to be downloaded by a system user
  • Other forms of hacking

Social engineering

Social engineering is the manipulation of a system user into performing an action that reveals sensitive data stored on the system or otherwise compromises the integrity of the system. Social engineering attacks account for at least 33% of all data breaches. Social engineering attack vectors can include:

  • Emails with malicious attachments
  • Emails containing links to malicious websites
  • Phishing scams (emails requesting, cajoling, or even demanding the user provide sensitive information to the sender, including system login credentials)

Physical theft and loss of enterprise devices

Whether we’re talking about desktops, laptops, tablets, smartphones, hard drives or other devices that contain system data, the rule of thumb is that if it isn’t padlocked, it’s safe to assume it can be lost or stolen. Once stolen (or lost), even if a device is password protected, it’s not necessarily impenetrable. An unlocked device that connects to an enterprise system is no different from an unlocked door to a house.

Abuse of privilege

At least 30% of all data breaches are caused by individuals working from inside an organization. About half are accidental; the other half are intentional abuses of privilege. As Forbes puts it [2], “If you thought hackers were your biggest security risk, think again. Internal attacks are among the top threats, partially because it’s incredibly easy for people who already have access to sensitive data to abuse it.” Internal attackers can include:

  • Disgruntled employees
  • Employees who have already been terminated but have not yet relinquished their system credentials
  • Employees and other insiders looking for ill-gotten gain (this includes insiders planted by outsiders)

Insider negligence

The other half of data breaches caused by insiders are inadvertent, and the insiders responsible can include executives and even members of the C-suite. We’re talking human error here, including:

  • Weak passwords
  • The “coffee-shop problem” (using public networks to run enterprise programs containing sensitive data)
  • Sending sensitive information to the wrong recipient
  • Sharing system credentials
  • Inadvertently downloading malware
  • Falling for social engineering attacks
  • Failure of an individual or a system administrator to apply software patches, and coding/configuration errors (such that information intended to be confidential becomes internet-facing and/or searchable on the web)
  • Misconfiguration of devices/badly implemented changes

Use and misuse of personal devices

Many workplaces (including Exela’s own MegaCenters) ban the use of personal data-storing devices. The goal is not to keep employees from spending their work hours checking Facebook, but rather to eliminate an easily controllable security vulnerability. A personal device on which enterprise data is stored might as well be an enterprise device—except that it’s far less secure because the enterprise has far less control over it. And like an enterprise device, when unlocked, it becomes an open door into the enterprise’s systems and data.

Cloud vulnerabilities

If it weren’t for the cloud, using multiple devices, both professional and personal, wouldn’t be nearly as seamless. The cloud allows you to access enterprise data wherever you go on any device that’s capable of accessing the cloud. In fact, many of Exela’s solutions are cloud-enabled for just that reason. But we provide our cloud-enabled solutions with confidence because ours are built, and function, in accordance with the high standards of security noted here. Not all cloud storage comes with that level of encryption or authentication, and so, like the personal devices on which the cloud is accessed, the cloud has the potential to become an open door through which the “bad guys” can enter.

Third party providers

The more third-party service providers your enterprise uses, the more opportunities exist for security gaps and glitches. Whatever systems you connect to theirs become subject to their system vulnerabilities—not just technological but human. This is one reason why a single-provider model is advantageous in digital transformation initiatives.

For each attack vector, there are best practices to avoid breaches. We’ll be discussing those best practices in the weeks ahead, as well as how keeping those bad guys out is a business priority at Exela and other of-the-moment security topics.