Please enable JavaScript.
Coggle requires JavaScript to display documents.
INFORMATION SECURITY ATTACK VECTORS - Coggle Diagram
INFORMATION SECURITY ATTACK VECTORS
Insider attack
Exploits knowledge of the system
Carried out by someone with authorized access
An employee working at a company might have access to sensitive company data. If this employee is disgruntled or has malicious intent, they could steal this data and sell it to a competitor or leak it to the public.
IoT (Internet of Things):
Targets IoT devices
Exploits vulnerabilities to control devices remotely
Let's say you have a smart home system that controls your lights, thermostat, and security cameras. A hacker could exploit a vulnerability in the system and gain control of these devices. They could then turn off your lights, adjust your thermostat, or even use your security cameras to spy on you.
Web Application Attacks
Targets web applications
Aims to steal login credentials, install malware
Imagine you're shopping online on a popular e-commerce website. A hacker could exploit a vulnerability in the website's payment system to intercept your credit card information and make unauthorized purchases. This is a common type of web application attack known as SQL injection.
Phising
Deception through email or other online means
Aims to steal personal information or account credentials
You receive an email that appears to be from your bank, asking you to verify your account information by clicking on a link and entering your login credentials. This is a phishing attack. If you click on the link and enter your information, it will be stolen by the hacker.
Botnet
A network of compromised systems
Used to carry out large-scale cyberattacks
A botnet is a network of compromised devices, like computers or IoT devices, that can be controlled by a hacker. A hacker could use a botnet to launch a Distributed Denial-of-Service (DDoS) attack against a popular website, overwhelming the website's servers and making it inaccessible to users.