What is device attack? - Definition from WhatIs.com

A device attack is an exploit that takes advantage of a vulnerable device to gain access to a  network. 

The term "device attack" was coined to differentiate such exploits from those targeting personal computers. The attack vector could be any other kind of Internet-connected device. Potential targets include not just smartphones, which are the most commonly cited example, but also network hardware, smart grid components, medical equipment and embedded systems -- among a great many other possibilities. 

In the past, most malware targeted personal computers because that was the most common type of device connecting to the Internet. Naturally, most anti-malware efforts were designed to protect the PC. Although non-PC devices have become almost ubiquitous in the past several years, security efforts have lagged behind and attackers are taking advantage of that fact. 

Securing non-PC devices is problematic for a number of reasons. For one thing, many security measures, such as virus scanning, that are suitable for a PC, place too great a demand on the limited resources of smaller devices for memory, processor cycles and electrical power. Administration of patches and updates can be difficult because of sporadic connectivity to the corporate network. Furthermore, portable devices can be easily lost or stolen; unless they can be remotely disabled or wiped in that event, they pose a serious risk to the corporate network. 

 

This was last updated in August 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • risk-based authentication (RBA)

    - Risk-based authentication (RBA) is a method of applying varying levels of stringency to authentication processes based on the likelihood that access to a given system could result in its being comp... (WhatIs.com)

  • long-tail intrusion

    - Long-tail intrusions include advanced persistent threats (APT). However, sometimes intrusions achieved by simpler methods and malware may be used as the starting point of a long-tail intrusion and ... (WhatIs.com)

  • PKI (public key infrastructure)

    - A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Inter... (SearchSecurity.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.