May 11, 2021

Why is Ransomware considered an attack vector?

Home Forums Why is Ransomware considered an attack vector?

This topic contains 1 reply, has 2 voices, and was last updated by  krista 3 weeks ago.

  • Author
  • #384785


    Most places online and my CEH book define Ransomware to be an attack vector, which I don’t really understand since those same sources cite an attack vector to be something along the lines of
    > A potential entry point for hackers; a vulnerability, misconfiguration or human error.

    Anyone that could clarify how something that (to me at least) seems to be a post-exploitation method can be considered an attack vector?

  • #384786


    you aren’t thinking this through.

    if i’m trolling your network, and notice you got p0wnd with ransomware by someone else, there’s a number of ways i can use this to attack you… even though i didn’t send you the ransomware.

    for starters, i could offer my services to try to get your dataz back for a fee… and then either fail, or get a larger fee from you than the ransome, pay the hacker, and keep the difference.

    if the ransomware is still resident and doing stuff on the network, there’s another attack vector.

    just because *わ* successfully attacked *も* doesn’t mean that the attacks are done. heck, i could possibly exploit *わ* to get to *も*, because they left something open.

  • #384787


    You are overthinking this.

    Its an attack vector in that having it installed allows people onto your machine to do malicious things.

  • #384788


    So, an attack vector means an entry point into the system, a potential vulnerability that can be exploited. The only way that this is an vulnerability to the client is that having this type of attack done to a network means that there’s probably ways to exploit the ransomware itself (the connections it makes, the code itself, the things it installs or changes etc) so that you could use that to get into the network easier. That’s what they should mean.

    To the people saying “it’s an attack vector because they result from human error mostly” don’t understand the meaning of attack vector semantically. Something can’t be dangerous because something associated with it is dangerous, that’s danger by association and is stupid. Also, having any certification is better than having no certification, it at least shows a willingness to improve and a clear evidence of CPD (continual personal development) which is required in the constantly-evolving security field.

    You’re getting heavily downvoted because you’re challenging their positions and asking them to explain, avoid people who use their opinions as their justifications for their answers, they’re more often than not, talking pure shit. This is a mighty toxic thread for someone just asking questions, grow up people

  • #384789


    First the CEH isnt a good cert, there’s lots of issues with it..

    Possibly could because normally ransomware is triggered by human error

  • #384790


    It’s not an attack vector.

You must be logged in to reply to this topic.