This topic contains 1 reply, has 2 voices, and was last updated by krista 3 weeks ago.
- April 19, 2021 at 9:37 am #384785
Most places online and my CEH book define Ransomware to be an attack vector, which I don’t really understand since those same sources cite an attack vector to be something along the lines of
> A potential entry point for hackers; a vulnerability, misconfiguration or human error.
Anyone that could clarify how something that (to me at least) seems to be a post-exploitation method can be considered an attack vector?
- April 19, 2021 at 9:37 am #384786
you aren’t thinking this through.
if i’m trolling your network, and notice you got p0wnd with ransomware by someone else, there’s a number of ways i can use this to attack you… even though i didn’t send you the ransomware.
for starters, i could offer my services to try to get your dataz back for a fee… and then either fail, or get a larger fee from you than the ransome, pay the hacker, and keep the difference.
if the ransomware is still resident and doing stuff on the network, there’s another attack vector.
just because *わ* successfully attacked *も* doesn’t mean that the attacks are done. heck, i could possibly exploit *わ* to get to *も*, because they left something open.
- April 19, 2021 at 9:37 am #384787
You are overthinking this.
Its an attack vector in that having it installed allows people onto your machine to do malicious things.
- April 19, 2021 at 9:37 am #384788
So, an attack vector means an entry point into the system, a potential vulnerability that can be exploited. The only way that this is an vulnerability to the client is that having this type of attack done to a network means that there’s probably ways to exploit the ransomware itself (the connections it makes, the code itself, the things it installs or changes etc) so that you could use that to get into the network easier. That’s what they should mean.
To the people saying “it’s an attack vector because they result from human error mostly” don’t understand the meaning of attack vector semantically. Something can’t be dangerous because something associated with it is dangerous, that’s danger by association and is stupid. Also, having any certification is better than having no certification, it at least shows a willingness to improve and a clear evidence of CPD (continual personal development) which is required in the constantly-evolving security field.
You’re getting heavily downvoted because you’re challenging their positions and asking them to explain, avoid people who use their opinions as their justifications for their answers, they’re more often than not, talking pure shit. This is a mighty toxic thread for someone just asking questions, grow up people
- April 19, 2021 at 9:37 am #384789
First the CEH isnt a good cert, there’s lots of issues with it..
Possibly could because normally ransomware is triggered by human error
- April 19, 2021 at 9:37 am #384790
It’s not an attack vector.
You must be logged in to reply to this topic.