A device attack is an exploit that takes advantage of a vulnerable device to gain access to a  network. 

The term "device attack" was coined to differentiate such exploits from those targeting personal computers. The attack vector could be any other kind of Internet-connected device. Potential targets include not just smartphones, which are the most commonly cited example, but also network hardware, smart grid components, medical equipment and embedded systems -- among a great many other possibilities. 

In the past, most malware targeted personal computers because that was the most common type of device connecting to the Internet. Naturally, most anti-malware efforts were designed to protect the PC. Although non-PC devices have become almost ubiquitous in the past several years, security efforts have lagged behind and attackers are taking advantage of that fact. 

Securing non-PC devices is problematic for a number of reasons. For one thing, many security measures, such as virus scanning, that are suitable for a PC, place too great a demand on the limited resources of smaller devices for memory, processor cycles and electrical power. Administration of patches and updates can be difficult because of sporadic connectivity to the corporate network. Furthermore, portable devices can be easily lost or stolen; unless they can be remotely disabled or wiped in that event, they pose a serious risk to the corporate network. 

 

This was last updated in August 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • active attack

    - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target. In a masquerade attack, for example, the intruder pretends to ... (WhatIs.com)

  • passive attack

    - A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data ... (WhatIs.com)

  • cryptography

    - Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. The term is most often associated with scrambling ... (SearchSoftwareQuality.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.