Cybersecurity
Attack Vector
Definition
An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities.
Why It Matters
Identifying and securing potential attack vectors is a core part of a defensive security strategy. The more attack vectors that are available, the more opportunities an attacker has.
Contextual Example
Common attack vectors include email attachments (for delivering malware), stolen credentials, unpatched software vulnerabilities, and poorly configured cloud services. Phishing is one of the most common attack vectors.
Common Misunderstandings
- The "attack surface" is the sum of all possible attack vectors in a system.
- Reducing the attack surface is a key goal of security hardening.