Describe how devices become cybersecurity threats
You’ve learned that devices are all around us, and that they hold all kinds of personal information. Also, you've seen that cybercriminals target devices to get their hands on this information. But how do they do this?
Devices as threat vectors
While devices help us to get our work done, and go about our daily lives, they also present opportunities to cybercriminals who want to cause harm. This is because they're threat vectors—they provide different ways in which cybercriminals can carry out attacks. For example:
- Phone, laptop, or tablet – downloading a malicious app might result in the device being contaminated with malware that can exfiltrate sensitive data stored locally, without the user’s knowledge. This compromises confidentiality and integrity because the cybercriminal can now view or modify the data.
- USB drives – cybercriminals can put malicious software or files on a USB drive and insert it into a device like a laptop. The drive could, for example, run ransomware, meaning the availability of the data has been compromised because it's locked in return for a ransom.
- Always-on home assistant devices – these devices are always listening or watching. A cybercriminal can put malicious software on the app stores for these devices. If a user then installs it, the cybercriminal could, for example, attack the device with spyware to secretly record information, and compromise data confidentiality. They could also move laterally to other home devices, and compromise their data.
Let’s look at the following video to see how devices around us can become threat vectors:
Device vulnerabilities
A device can become compromised because of poor health, either because it doesn't have the latest security updates, or it has weak authentication. If you connect this type of device to a Wi-Fi hotspot—in an airport, for example, it's an easy target for attackers. They know the common vulnerabilities of devices and applications, and how to gain unauthorized access.
After an attacker gains access, they can run scripts to install malware. In most cases, malware like back doors or botnets can persist on the device even after it's updated. This causes further damage when a user connects the infected device to a work or home network.
Some users want to gain more control of their devices for customization or other purposes, and might resort to jailbreaking. This is where a user finds unofficial ways to get full access to the core systems of a device. The device becomes vulnerable because this action might circumvent security measures. This gives cybercriminals the opportunity to provide false guidance or software that compromises the device.
Any connected device has the potential to be a threat vector if it’s not properly secured. Having learned this, we can now think about the different ways in which we protect our devices.