In an increasingly interconnected and digitalized world, the term “attack vectors” has emerged as a key player in the cyber security scenario. From the emergence of the first computer viruses in the late 1980s to today’s sophisticated threats, one thing remains constant: the crucial importance of understanding how these vectors can pose a danger to networks and systems.
The biological metaphor of viruses, which can hide and spread, couldn’t be more appropriate to approach the subject. It illustrates how malicious programs invade and compromise our devices, causing havoc such as malfunctions and the theft of sensitive information. In this article, we will explore the evolution of attack vectors, covering even contemporary tactics that challenge the strictest cybersecurity strategies.
Contextualizing the Attack Vectors
The appearance of computer viruses in the late 1980s surprised many people. At the time, it wasn’t easy for us to understand that an entity of an invisible and impalpable nature, such as software, could damage information and cause harm. But with the growing popularity of personal computers, it didn’t take long for us to discover the risks of using illegally copied (in other words, pirated) programs or media (at the time, floppy disks) of unknown or dubious origin. However, it was precisely there that the danger was hidden.
Computer viruses got their name because of the similarity between them and biological viruses. This metaphor was adopted because of the similarities with the forms, functions and consequences of the biological viruses that attack us humans. Computer viruses are programs that can hide inside other programs and take control of the device, affecting its operation and efficiency.
All this has only one name: malware
Today, cybersecurity experts have a variety of other names for programs of this type – worms, trojans and RATs, for example. They’ve even created a category for this type of problem: malware. But it doesn’t matter what you call it. All of them are malicious programs, which arrive hidden, are installed without notifying you, can remain hidden for an indefinite period, and at some point will cause you some kind of problem.
The problem suddenly appears on your device, whether it’s a computer, a cell phone or something else. The device may crash, slow down or behave in ways you don’t expect. At such times, we may feel that we’ve done something wrong, or that we’ve failed to take action.
In general, the problem didn’t start at that moment and wasn’t something “wrong”, but accidental. Support specialists will eventually discover that the device has been infected by malware, and in the vast majority of cases they will be able to solve the problem at the same time. Soon, they will also discover how the virus got there. This way, they’ll find out – in cybersecurity parlance – what the contamination vector was.
The nomenclatures we brought from biology to computing
This word – vector – was also borrowed from biology. In life sciences, vectors are living organisms that contain and carry a virus. The Aedes aegypti mosquito, for example, is the main vector of the dengue virus.
For decades, security experts have been fighting a daily battle against attack vectors. At first, the danger was only in the media – the floppy disks, CDs and DVDs containing illegally copied games, business applications or even entire operating systems. Then came USB sticks. Now, with the ubiquity of the Internet, practically any user has access to downloading files to get what they want. Currently, these are the classic vectors: files that reach the user’s computer carried on media or downloaded. Once installed, opened or run, they release the malware, which hides in your machine and starts preparing for the attack.
Remember the case of Natanz
You may remember one of the most notable cases of network contamination, which took place in 2010. This case took place at the Iranian government’s uranium processing plant in the city of Natanz. At the time, a virus called Stuxnet hit the programmable electronic controllers of uranium production centrifuges, causing damage that set back Iran’s atomic program by at least a year. However, as the plant had no Internet connection, the contamination occurred a year earlier via USB sticks in four companies that provided services to the plant – the plant’s network was contaminated via the software they produced for the Iranian government. Although the origin of the virus has never been made clear, the Iranian government has accused Israel and the United States of being responsible for the attack.
Even with strict security policies, attack vectors will still be a risk
The USB stick was not a new vector. In companies, its use was already controlled by both antivirus and corporate information security policies, which blocked its use on devices. Measures such as automatically scanning new applications, emails, attachments, media and other vectors for contamination have greatly reduced the risk in companies. Combining this with education programs for employees has also contributed to improving cyber security.
However, there are companies where policies are less strict: in these cases, the risk is permanent, and these companies have the possibility of becoming hosts for malware, eventually contaminating business partners. This is how the Target supermarket chain in the United States was contaminated. In 2013, Target gave access to its network to a small refrigerator maintenance company, which didn’t have good information security practices. In this way, the attackers got into Target’s network and planted “skimmers” in the payment card processing software. In this way, the numbers of approximately 40 million payment cards were stolen.
Attack Vectors and Prevention
No matter how many precautions companies take, it’s almost impossible to prevent some kind of contamination at some point. The most daring, practiced by hackers in the service of nation-states, have used software update packages and even the libraries used by the most popular languages, such as Python, as a vector. In December 2020, SolarWinds informed the market that updates to its Orion platform for IT management contained a backdoor and had contaminated at least 18,000 customers. So, as in the case of Stuxnet, it wasn’t possible to pin the blame on one country, but intelligence experts told the US media that the main suspects were hackers from Russia or China.
As you can imagine, an incident like this justifies the rigid stance of cybersecurity areas, which view any vector as suspicious. That is, of course, until proven otherwise.
So, did you like the article? So be sure to check out our other materials and keep up to date with the world of technology and cybersecurity.
See you next time!
Register for free at
Huge Networks Newsletter
Receive the main news and trends from the world of technology every two weeks.