Attack Vectors

Attack Vectors

Overview of Attack Vectors in relation to cyber crime: [1]Cybercrimes are increasing in number and complexity. This reality reflects increasingly sophisticated attack vectors. Operating systems vulnerabilities continue to be a major source of attack vectors, including those such as Windows, Mac OS X, and Unix. According to the SANS Institute, cybercriminals also employ SQL injection to trick a software application into running unauthorized queries against its backend database. With SQL injection, an attacker can gain complete control of a database, stealing or altering its contents at will. This tactic has been used to steal millions of credit card account numbers in several high-profile hacking incidents. What is more, with numerous incidents of large-scale data losses in recent years, cybercriminals may have already established vast archives of personal information they can use to carry out future identify theft or other types of financial crimes.

Resources

Notes and References

1. By Paul Lepkowski

See Also

• Types of Cybercrime
• Cybercriminal

Further Reading

Claburn, T. (2007). Spam made up 94% of all email in December. Information Week Web page, (internet link) informationweek.com/showArticle.jhtml ?articleID=197001430; McQuade, S.C. (2006). IT-enabled abuse, attacks and crime. In Understanding and managing cybercrime (Chap. 3). Boston: Pearson Education, Inc.; SANS Institute. (2007). Top 20 Internet security attack targets (2006 annual update). SANS Web page, (internet link) sans.org/top20/; SANS Institute Press Update. (2007). 2006 annual update of attack targets shows marked increase in targeted attacks and a human error joins the top 20. SANS Web page, available at (internet link) sans.org/top20/2006/press_release.pdf?portal=05f0c036c9e04e014be379370ec0e37f.