Attack Surface Definition & Meaning
An attack surface is an area or point at which an attacker is most likely or most able to breach a or account that contains any type of sensitive , especially any point that contains an unpatched or . An attack surface slightly differs from an attack vector, which is the method that the attacker employs to reach the data. Attack surfaces include:
Any devices which connect to a company's network, whether directly or indirectly. This especially includes devices, which often don't have dedicated features.
Privileged access accounts. If an important or executive account isn't secured with multiple factors of authentication, attackers can use stolen credentials to enter it. is a protocol for greatly reducing and protecting the access that employees have to sensitive data.
Employees who aren't prepared or vigilant. Social engineering techniques are one of the most common attack vectors, and attackers are frighteningly successful when they send malicious, convincing-looking emails, phone calls, or other messages to employees, even in large organizations.
A company's physical location. Buildings aren't as common for hackers to breach as they used to be, partly because large corporations have implemented security systems and protocols, but also because it's so much easier to access company data through . However, it's still possible that an attacker will ask an employee to hold the door or steal entry credentials to go inside the building and steal information.
Attack vectors, by which attackers will manipulate an attack surface, include:
- — craft messages that appear to be from a legitimate , often one within the company, to convince employees to click a , give up personal data, or send them finances
- Phone calls
- Third-party —not all apps are trustworthy, and some high-profile companies have had due to a third-party application's failure to handle information securely
- Malicious links—these can be sent through any message and download onto a device once clicked
- Unsecured connections—attackers can easily eavesdrop on sessions over public Wi-Fi
- and services—Those used without permission ("") and misconfigured cloud security are other avenues for possible cyber attack
Methods of securing attack surfaces
Implementing authentication protocols: companies should implement multi-factor authentication technology for high-level accounts and any platforms that host sensitive data. Every employee who tries to enter such an account should provide multiple forms of authentication.
Developing a least privilege approach: companies should always be aware of who is accessing their data and should regularly reassess who absolutely needs access. Data breaches often happen because an attacker entered a privileged access account. Often companies give too many employees access to accounts they don't need to do their job, and that's a liability.
Developing protocols for remote work: if employees are accessing company data from a distance, what rules should they use to protect their devices? Rules such as using a VPN rather than public Wi-Fi networks could apply.
Monitoring network traffic within the company: companies should be aware of how employees use company devices and Wi-Fi networks. If they're frequenting suspicious , they're more likely to click a malicious link or give their company to someone fraudulent.
Training employees to be aware of social engineering: businesses frequently receive suspicious emails with malicious links that appear to be from the company but aren't. Falling prey to social engineering tactics could require some troubleshooting for an infected or, at worst, cost the company millions of dollars and their reputation.
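The multi-factor and least-privilege checks described above can be run as a periodic access review. The following Python sketch is an added example, not part of the original article; the account fields, grant records and the 90-day idle threshold are assumptions, and the sample data is constructed.

```python
from datetime import date

# Constructed sample inventory (not real data): one record per account.
ACCOUNTS = [
    {"user": "ceo", "privileged": True, "mfa": False},
    {"user": "dba1", "privileged": True, "mfa": True},
    {"user": "intern", "privileged": False, "mfa": False},
]

# Constructed access grants: (user, resource, date last used or None if never used).
GRANTS = [
    ("dba1", "payroll-db", date(2024, 5, 28)),
    ("ceo", "payroll-db", date(2023, 11, 2)),
    ("intern", "payroll-db", None),
    ("intern", "wiki", date(2024, 5, 30)),
]

def privileged_without_mfa(accounts):
    """Privileged accounts that a stolen password alone would open."""
    return sorted(a["user"] for a in accounts if a["privileged"] and not a["mfa"])

def stale_grants(grants, today, max_idle_days=90):
    """Grants never used, or idle longer than max_idle_days: candidates for removal."""
    stale = []
    for user, resource, last_used in grants:
        idle = None if last_used is None else (today - last_used).days
        if idle is None or idle > max_idle_days:
            stale.append((user, resource, idle))
    return stale

def review(accounts, grants, today, max_idle_days=90):
    """Combine both checks into one report for the reviewer."""
    return {
        "privileged_without_mfa": privileged_without_mfa(accounts),
        "stale_grants": stale_grants(grants, today, max_idle_days),
    }

if __name__ == "__main__":
    report = review(ACCOUNTS, GRANTS, today=date(2024, 6, 1))
    for user in report["privileged_without_mfa"]:
        print(f"enforce MFA: {user}")
    for user, resource, idle in report["stale_grants"]:
        age = "never used" if idle is None else f"idle {idle} days"
        print(f"reassess access: {user} -> {resource} ({age})")
```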
Internet of Things as attack surface
The host of smart devices that now connect to the Internet unfortunately have not been designed with the same security protocols as and computers. They don't access VPNs, and it's harder to employ multi-factor authentication on a smart sensor, for example. Smart devices include any item that can connect to Wi-Fi (or to another smart device), such as lights, doors, or drink dispensers.
IoT devices are widely considered one of the banes of large companies as they try to crack down on security vulnerabilities. However, there are a few steps businesses can take to mitigate IoT risks. Testing IoT devices in a company-wide would be a way to expose existing weaknesses; hiring a third-party business provides good training and improvement opportunities. Companies should also develop a security plan for IoT devices in office (and out of office if a remote worker has unsecured IoT devices on the same Wi-Fi network as their work computer, for example).