Threat vectors

Before malicious software infects a computer, it needs to find its way into the system.

The route it takes is called a threat vector. There are many different threat vectors and it’s important you know what they are. So, how many do you know? Make a quick list before reading on and checking your ideas.

What are the types of threat vector?

Figure 1:Threat vectors

Visiting a compromised or malicious website

There are a few ways that visiting a site could lead to infection, such as:

• A program automatically downloading in the background.
• A malicious script running to steal information or redirect to other sites.

Downloading or installing software

You may unwittingly install malicious software that presents itself as legitimate. As a rule, you should only download software from legitimate and trusted sources, or trusted vendors, who have some liability and a privacy statement.

Installing infected media

This might be through an infected program on a USB drive. For example, someone might think they’re only copying a document from the removable drive to their computer. But, because of the autorun feature on the operating system which executes when removable media is connected to Windows, a malicious piece of software is executed. These types of infections can occur with any kind of removable media, like CDs, DVDs, back-up tapes and portable hard drives.

Opening email attachments

An email attachment can contain malicious software, that, when run, will infect a computer system. Care should be taken to ensure that any attachment doesn’t include a macro virus or that a downloaded link doesn't have a virus embedded within it.

Through ethernet, wireless and Bluetooth connections

PCs, Apple Macs, tablets, and mobile phones support multiple forms of communication. If all these communications services are turned on, an attacker could target the system even when it’s not being used.

For example, if Wi-Fi is turned on, the computer might act as a wireless access point for others to access the network. An attacker might break into the device over Bluetooth and then move from there into the corporate network over the LAN.

What’s next?

What steps could you take to secure these threat vectors? You’re going to explore some possible counter measure next so see if you recognise any of your ideas.