How Hackers Target Endpoint Devices

October 16, 2018 / GuidesFor Team

In the past couple of years, we’ve seen some of the most damaging attacks on enterprise systems. The WannaCry ransomware attack of 2017 spread across 150 countries, causing billions of dollars in damages. Attackers are unrelenting, and although investments in security measures have increased, the threat landscape is rapidly adapting to upgrades in technology solutions. Cybersecurity Ventures predicts that cybercrime damages will cost the world $6 trillion annually by 2021.

What causes greater alarm is the vulnerability of systems through endpoint devices. Put simply, an endpoint is a device that is permitted to access or connect to a network. This includes mobile phones, smartphones, laptops, desktop computers, and printers. With advancements in cloud technology and a workforce that is now constantly connected and on-the-go, the management of endpoints becomes far more complex and the entry points for threats more widespread.

Here are the common kinds of attacks that an organization can be susceptible to, through its endpoint devices:

  •     Phishing emails are one of the most common forms of cyber attacks. Because endpoint devices are often managed by individual users that are prone to error, attackers target this specific weak point. The strategy in this type of attack is to lure the user to click on a malicious link or file, and to disclose personal information, which will then serve as the hacker’s gateway to deeper access or more sensitive data.

Phishing is often the delivery method for ransomware attacks, in which hackers withhold sensitive data in exchange for a sum of money. But other effects include data breaches, identity theft, stealing of intellectual property, and infection of infrastructure.


  •     Fileless malware is one of the more challenging forms of malicious software to detect. It runs and exists in the device’s memory without leaving traces in the file system or registry. Hackers take advantage of tools already built into the device’s system to avoid detection by antivirus software.

The main advantage that hackers have in this type of attack is stealth, allowing them to escalate privileges or access to a system, or to gather information undetected.

  •     Piggybacking is the method of hiding malicious code within legitimate software. When a user installs legitimate software, a portion of the program that had been tampered with is bundled with unwanted software. This infects the device in which it is installed, giving the attacker access and control.

While hackers have indeed developed sophisticated methods, endpoint security continues to evolve using new methods that employ advanced analytics and machine learning. Endpoint security has moved far beyond antivirus software that simply manages detection. Next-Generation Endpoint Security (NGES) allows organizations to implement a solution that not only protects its endpoint devices, but continuously prevents it from using new technologies. This includes methods for analyzing collective data and behaviors, as well as capabilities for faster, more targeted investigations.

Prevention, detection, and containment are possible with more advanced security measures in place. But vulnerabilities are essentially due to human error, which makes endpoint devices a convenient target for attackers. An integrated system not only requires a revamp in the security infrastructure, but also in the end user policies implemented throughout your organization.

Posted In: