BlogHacking9TH NOV 2023
AuthorSamir Yawar
10 min read

Attack Vector: 16 Big Cyber Threats to Look Out For in 2023

a feature image for a blog about attack vector
BlogHacking9TH NOV 2023
10 min read

Attack Vector: 16 Big Cyber Threats to Look Out For in 2023

AuthorSamir Yawar
a feature image for a blog about attack vector

What do hackers usually use to gain unauthorized access to an individual or organization’s data? They first identify a suitable attack vector to find a way into a network or system.

Take the story of Simon, an IT manager at ACE Inc., a content marketing company. His company handles marketing for some of the top brands in the world. He has to guard their secrets day in and day out.

Given the treasure trove of information he is tasked with protecting, some cybercriminals have set their sights on Simon. These hackers spot a vulnerability in ACE’s network. They use an attack vector that targets that particular weakness to launch a cyber attack, ultimately gaining access to confidential client information.

There is more than one way to take down the most formidable cyber defences. Today we will talk about the various attack vectors that can accomplish this feat and what you can do to deal with each of them.

What is an attack vector?

Celebrated con artist Frank Abagnale of the Catch Me If You Can fame says that there’s no such thing as a foolproof system. There is always a loophole if you look hard enough. If anything, he says it is now easier than ever to steal data with user credentials and malicious software.

Frank Abagnale with Leonardo Dicaprio
Frank Abagnale (left) with Leonardo Dicaprio (right) | Image Credits: Getty Images

Just like there are multiple ways to rob a house, there is also more than one way to gain unauthorized access to a secure network and steal sensitive information. These methods of breaching system defenses are known as attack vectors (also threat vectors).

Attack Vector vs. Attack Surface

An attack surface, by comparison, is the component that an attack vector seeks to target. It can be the total network area, the devices, or even the people hackers target. It is the sum of all attack vectors.

16 Common Attack Vectors that Hackers Use

As communication tools and networks have exploded in numbers and popularity, hackers now have more opportunities to gain access to data or other sensitive information. We take a look at some of the most common threat vectors in use today:

Compromised Credentials

According to the IBM Cost of Data Breach Report, compromised credentials led to nearly one-fifth of all cyber attacks in 2022.

  • What is it? Usernames and passwords that have been exposed through data leaks, phishing, or malware.

  • Consider: Using continuous monitoring and tools like password managers, multi-factor authentication methods, and biometrics to reduce the risk.

Weak Credentials

George Finney, the chief information security officer at Southern Methodist University, says:

“It’s tempting to use one easy-to-remember password, like your dog’s name, for all your passwords. These kinds of passwords make people feel safe because they’re so easy to remember.”
  • What is it? Weak and reused passwords that easily lead to data breaches.

  • Consider: Educating people about secure password creation, the use of password managers, or single sign-on tools.

Insider Threats

Businesses in the US encounter about 2,200 internal security breaches daily as of May 2023.

  • What is it? Disgruntled employees, unaware participants, or malicious insiders expose private information or vulnerabilities.

  • Consider: Better cybersecurity awareness training and multi-factor authentication options for employees.

Missing or Poor Encryption

According to the World in Data Breaches report by Varonis, 7 million unencrypted data records are compromised every day.

  • What is it? The lack of encryption such as properly signed SSL certificates and DNSSEC that protects your data during transmission.

  • Consider: Implementing strong encryption for data at rest prevents exposure to breaches or leaks.


In 2022, misconfiguration accounted for 21% of error-related breaches.

  • What is it? Incorrect and incomplete configuration of services or settings, using default credentials and outdated software.

  • Consider: Regularly reviewing and automating configuration management to prevent drift.


The severity of ransomware attacks has declined from 44% to 35% in 2023.

  • What is it? A form of extortion where hackers encrypt your data until the ransom is paid.

  • Consider: Deploying a defense plan that includes security awareness training, system patching and regular data backups.


As much as 44% of social engineering attempts were accomplished with the help of phishing in 2022.

  • What is it? Social engineering attacks that trick users into providing sensitive data or credentials.

  • Consider: Cybersecurity awareness training programs that help you spot fake messages leading to malicious websites or malware.


A study shows that 84% of companies have high-risk vulnerabilities, half of which could be removed with a simple software update.

  • What is it? New exploits that are discovered daily, including zero-day threats.

  • Consider: Deploying timely and tested software patches and practicing cyber hygiene needed to mitigate zero-day attacks.

Brute Force

Attackers attempt various methods continuously to gain access, hoping to overwhelm existing systems.

  • What is it? Brute force attacks target weak passwords and encryption.

  • Consider: A strong password policy and limiting the number of login attempts.

Distributed Denial of Service (DDoS)

Microsoft says that the US bore the brunt of the global DDoS attacks in 2022, with a whopping 45% of the attacks.

  • What is it? Attacks that overload network resources, causing system unavailability.

  • Consider: Mitigating DDoS attacks with CDNs and proxies to handle traffic influx.

SQL Injections

Hackers from the Lulzsec group breached multimedia giant Sony Pictures' website with a simple SQL injection attack, causing a loss of $605,000 with leaked data.

  • What is it? Web code that exploits vulnerable SQL queries to access unauthorized information.

  • Consider: Risk mitigation strategies for databases containing sensitive data and personally identifiable information (PII).


About 270,228 “undiscovered” trojan malware variants were observed in the first half of 2022 alone.

  • What is it? Malware disguised as legitimate programs that spread through infected attachments or fake software.

  • Consider: Measures against downloading and executing suspicious files.

Cross-Site Scripting (XSS)

Cross-site scripting attacks, also known as web application exploits, remain the third biggest cybersecurity threat in 2022.

  • What is it? The practice of injecting malicious code into websites, targeting visitors.

  • Consider: Prevention by validating user input and sanitizing data.

Session Hijacking

According to cyber insurer Hiscox, 61% of their ransomware claims in 2022 involved an attack that started with remote desktop protocols (RDP) being accessible externally.

  • What is it? Attackers steal session cookies to gain unauthorized access.

  • Consider: Implementing secure session management and using HTTPS for website addresses.

Man-in-the-Middle Attacks (MITM)

MITM attacks rose by 35% between Q1 2022 and Q1 2023.

  • What is it? Attempts by cybercriminals to Intercept and manipulate network traffic on public Wi-Fi networks.

  • Consider: Using VPNs and avoiding transmitting sensitive data over public Wi-Fi.

Third and Fourth-Party Vendors

Estimates suggest that 60% of all data breaches happen because of failings by third-party vendors.

  • What is it? Outsourced vendors who present potential privacy risks to customer or proprietary data.

  • Consider: Implementing robust vendor risk management practices to choose and vet vendors.

For simplicity, cybersecurity experts usually separate attack vectors into two broad categories - active attack and passive attack.

What is an active attack?

Active attacks involve the direct interaction and manipulation of network or system components. These attacks aim to disrupt, modify, or destroy the targeted resources. 

Some common examples of active attacks include:

  1. Denial-of-Service (DoS) Attacks: These attacks overwhelm a system or network with excessive traffic, rendering it unable to provide services to legitimate users.

  2. Man-in-the-Middle (MitM) Attacks: In this type of attack, an attacker intercepts and relays communication between two parties, gaining unauthorized access to the information being exchanged.

  3. Malware Infections: Active attacks often involve using malicious software (malware) to compromise systems, steal data, or gain unauthorized access. This includes viruses, worms, ransomware, and Trojan horses.

  4. Password Attacks: Active attacks may include methods like brute-force or dictionary attacks to gain unauthorized access to user accounts or systems by guessing or cracking passwords.

  5. Spoofing Attacks: These attacks involve the manipulation of network protocols or data packets to deceive systems or users and gain unauthorized access.

A list of active attack vectors related to cybersecurity
A glossary of active attack vectors

What is a passive attack?

On the other hand, passive attacks focus on unauthorized monitoring or eavesdropping on network communications without actively manipulating or disrupting the data flow. The primary goal of passive attacks is to gather sensitive information without being detected. Some common examples of passive attacks include:

  1. Packet Sniffing: Attackers capture and analyze network traffic to intercept and extract sensitive data, such as usernames, passwords, or confidential information.

  2. Traffic Analysis: This attack involves analyzing patterns, volume, and timing of network traffic to derive sensitive information, even if the actual content is encrypted.

  3. Data Interception: Attackers passively intercept data transmissions or communication channels to obtain confidential or sensitive information.

  4. Passive Reconnaissance: Attackers gather information about a target system or network without directly interacting with it. This may involve collecting publicly available information, conducting social engineering, or analyzing network configurations.

A list of passive attacks you are likely to encounter in cybersecurity cases.
A glossary of passive attack vectors


You have learned that attack vectors are specific methods or pathways through which cyber attackers exploit computer systems, networks, or software vulnerabilities to carry out malicious activities. Understanding and addressing attack vectors is crucial for effective cybersecurity defenses.

They can vary greatly in their complexity, sophistication, and impact. Threat vectors encompass various techniques, including social engineering, software vulnerabilities, weak passwords, misconfigurations, and more. Attack vectors may involve active attacks, where the attacker directly interacts with the target, or passive attacks, which focus on unauthorized monitoring or eavesdropping.

Samir Yawar
Samir Yawar / Content Lead
Samir wants a world where people can instinctively whack online scams and feel accomplished without the need for psychic powers. As an ISC2 member, he is doing his bit to turn cybersecurity awareness training into a fun concept with simple, approachable and accessible content. Reach out to him at X @yawarsamir
FAQsFrequently Asked Questions
An attack vector refers to the specific pathway or method used by malicious actors to exploit vulnerabilities and gain unauthorized access to systems or data.
Common attack vectors include social engineering techniques, malware infections, and network-based attacks such as DDoS and Man-in-the-Middle.
Social engineering relies on psychological manipulation to deceive individuals into revealing sensitive information or performing actions that aid attackers in breaching security measures.
Malware, such as viruses and ransomware, can lead to data breaches, system compromise, loss of control, financial loss, and disruption of operations.
Effective defense against attack vectors involves implementing strong cybersecurity measures, including regular software updates, employee training, strong passwords, and robust firewall and antivirus solutions.