A device attack is an exploit that takes advantage of a vulnerable device to gain access to a  network. 

The term "device attack" was coined to differentiate such exploits from those targeting personal computers. The attack vector could be any other kind of Internet-connected device. Potential targets include not just smartphones, which are the most commonly cited example, but also network hardware, smart grid components, medical equipment and embedded systems -- among a great many other possibilities. 

In the past, most malware targeted personal computers because that was the most common type of device connecting to the Internet. Naturally, most anti-malware efforts were designed to protect the PC. Although non-PC devices have become almost ubiquitous in the past several years, security efforts have lagged behind and attackers are taking advantage of that fact. 

Securing non-PC devices is problematic for a number of reasons. For one thing, many security measures, such as virus scanning, that are suitable for a PC, place too great a demand on the limited resources of smaller devices for memory, processor cycles and electrical power. Administration of patches and updates can be difficult because of sporadic connectivity to the corporate network. Furthermore, portable devices can be easily lost or stolen; unless they can be remotely disabled or wiped in that event, they pose a serious risk to the corporate network. 

 

This was last updated in August 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • POODLE attack

    - A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enabl... (WhatIs.com)

  • POODLE (Padding Oracle On Downgraded Legacy Encryption)

    - POODLE (Padding Oracle On Downgraded Legacy Encryption) is a security flaw that can be exploited to conduct a man-in-the-middle attack that targets Web browser-based communication between clients a... (SearchSecurity.com)

  • Trusted Platform Module (TPM)

    - A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication. (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.