Which popular exploit used by threat actors intercepts a system update and injects an update of their own?
- routing attack
- eavesdropping attack
- SQL injections
- firmware replacement
Explanation: Some of the most popular local exploits targeted by threat actors are as follows:
- Firmware Replacement – Updates and patches to devices are usually done remotely. If the process is not secure, threat actors could intercept the update and install their own malicious update.They could have full control over the device and begin attacking other devices in the system.
- Cloning – By creating a duplicate device, both in physical form and the software and firmware running on that device, the threat actor could replace a legitimate device. When the device is up and running, the threat actor could then steal information, or compromise additional devices.
- Denial of service (DoS) – The threat actor could launch a DoS attack to fill the communications channel, causing devices to respond to requests late, or not at all. Depending on the devices, this could cause a lot of damage.
- Extraction of Security Parameters – When a device is not protected properly, the threat actor may be able to extract security parameters from it such as authentication information or security keys.
Exam with this question: IoT Security 1.1 Chapter 5 Quiz Answers
Please login or Register to submit your answer