Software is the first thing that comes to mind when you hear that someone, company or organization has been hacked. This is understandable because software is the “brain” of modern devices. So control software gives attackers the power to lock users, steal data, or wreak havoc.
Accessing software is also easier because attackers don’t need to be near their target. However, software updates can keep hackers out, and companies have become adept at stopping attacks and fixing any vulnerabilities. Software security also makes it more cost-effective.
Hardware security, however, is another story.
Hardware hacking involves exploiting vulnerabilities in the physical components of a device. Unlike software hacking, attackers must be on-site and need physical – and reasonably uninterrupted – access to the target device to perform a hardware hack. The tools needed to compromise a device can be hardware, software, or a combination of both, depending on the target.
But why would hackers target hardware? The main reason is that hardware is less of a barrier and the device model won’t change over the years – for example, there are no hardware upgrades for the Xbox console after release. So an attacker who successfully hacks Xbox 360 hardware could get pretty far before Microsoft releases the next-gen console with better security. Besides game consoles, the same is true for all devices you can think of like laptops, phones, security cameras, smart TVs, routers, and IoT devices.
However, the relative immutability of hardware after production does not mean that they are vulnerable to attack right out of the box. Device manufacturers use components – most notably security chipsets – to ensure their devices remain resilient to almost any attack over a long period of time.
Hardware also has firmware (essentially hardware-specific software) that is updated regularly to ensure the device is compatible with the latest software even though its components are old. Firmware updates also make hardware resilient to common hardware hacking methods.
To better understand firmware updates, imagine you have to buy a new game console every time a new type of game comes out. That’s not only frustrating, but it’s also very expensive. The wiser financial decision would be to buy a console that is compatible with both old and new games or only requires a small fix for full compatibility.
For manufacturers, that means they have to anticipate what future generations of games will look like and create consoles that can run them well. Or, at the very least, the components must be compatible with future game releases long enough for the console purchase to be a wise investment.