Attack vectors help unauthorized elements to exploit the vulnerabilities in the system or network, including the human element. Examples of attack vectors are email attachments, pop-up windows, deception, chat rooms, viruses, and instant messages.
Attack surface
The sum-total of points on a network where attacks can occur where an unauthorized user (the “attacker”) can try to manipulate or extract data using a myriad of breach methods (the “cyber-attack vectors”). If you consider a graph, where the x-axis lists all of the devices and apps on your network (infrastructure, apps, endpoints, IoT, etc.) and the y-axis are the different breach methods such as weak and default passwords, reused passwords, phishing, social engineering, unpatched software, misconfigurations, etc. the plot is your attack surface.
![](http://192.168.1.66/wp-content/uploads/2022/03/attack-surface2.png)
Cyber Attack vector
The method or ways by which an adversary can breach or infiltrate an entire network/system. Attack vectors enable hackers to exploit system vulnerabilities, including the human element of which is the weakest element.