LISTCRIME.COM
LISTCRIME.COM

Six Basic Initial Attack Vectors. How the Abusers of Internet Protocol Resources gain access to your device, network or enterprise system.    

A Holistic view to approaching Cyber Security and Cyber Crime    


The Cyber Ecosystem of Internet Protocol Resources attempts to provide a more holistic and unified view to our approach to cybercrime and cybersecurity. The map below attempts to highlight a variety of different levels of people, processes, technology and physical services that make up our cyber ecosystem, so that we can start to view the internet and its borderless security problems more broadly.

THE USERS OF INTERNET PROTOCOL RESOURCES, LAYER 6

There are Six Initial Access Attack Vectors (how the attacker gains initial access) for launching unauthorized access into your environment during a cyber-attack. They are a Browser, Link, Attachment (file, program or code), Insider, Scanning and Reconnaissance Exploitation (a triad) and Social Engineering, with each Initial Access Attack Vector being foundational to the beginning stages of every cyber-attack. Together or separately these Six Initial Access Attack Vectors serve as the opening segment of the attack pathway that every the Abusers of Internet Protocol Resources, Layer 7 will utilize as entry to the attack surface.

Simply put, these Six Initial Access Attack Vectors serve as a simplified version of the attack surface and attempt to align with other modeling methodologies such as the Draft NIST 800-154, MITRE ATT&CK , Cyber Kill Chain , NCSC.gov.uk and Common Attack Pattern Enumeration and Classification (CAPEC™).According to Draft NIST Special Publication 800-154 , an attack vector is a segment of the entire attack surface pathway that an attacker uses to access a vulnerability. Each attack vector can be thought of as comprising a source of malicious content, a potentially vulnerable processor of that malicious content, and or the nature of the malicious content itself.

The MITRE ATT&CK and (CAPEC™) Frameworks enable contextual understanding of the attack patterns within an adversary’s operational lifecycle. Although each focus on specific use cases, CAPEC attack patterns and related ATT&CK techniques are cross referenced to bring information to the security community in a formalized way. The attack surface (Attack Vector X Attack Target = Attack Surface) may vary widely, spread across a single host or multiple hosts, involve an exploitation of a single vulnerability or multiple attack vectors. There exists the potential for some attack patterns to align with more than one category depending on one’s perspective. The categories (special highlight to CAPEC ) below represent the Six Initial Access Attack Vectors and categorize the different techniques used to attack a system.

Cyber Kill Chain and NCSC.gov.uk, Stages and Patterns specifically describe the Scanning and Reconnaissance Exploitation (Triad), it’s means, methods, ways, routes, processes or measures (how the attacker gains initial access) and how Scanning and Reconnaissance Exploitation (Triad) is used for initially infection access to your device, network, or enterprise system. Scanning can be defined as to look, sweep, search or cause a surface, object, or part to be traversed. While Reconnaissance is the observation of what you find, and Exploitation is gaining authority or taking advantage of a system.

Download Brochure

THE CYBER ECOSYSTEM MAP