Interception attack definition
An interception attack is any situation in which a hacker intercepts and changes communication between two parties without their knowledge. To do that, the attacker may place themselves between the sender and the receiver; this is called a man-in-the-middle attack.
Other interception attack methods include:
- Taking over wireless communication
- Manipulating network traffic
- Exploiting vulnerabilities in communication protocols
- Hacking network infrastructure
Whatever the method, the goal is to eavesdrop on the communication, manipulate it, or even impersonate one of the parties.
See also: man-in-the-middle attack, evil twin, eavesdropping
Interception attack examples
- Man-in-the-middle attack. In a man-in-the-middle attack, the attacker positions themselves between the sender and the receiver. This allows them to intercept the communication, listen to the messages, modify the content, or impersonate one or both parties involved.
- SSLStrip. SSLStrip is a well-known interception attack that targets the HTTPS communication protocol. It tricks users into connecting to insecure HTTP websites instead of the intended secure HTTPS sites. This allows the attacker to intercept and manipulate the traffic.
- Evil twin attacks. In evil twin attacks, attackers set up rogue Wi-Fi access points that mimic legitimate networks. Unsuspecting users connect to them, allowing the attackers to intercept and manipulate their data.
- DNS spoofing. DNS spoofing is when hackers tamper with the domain name system (DNS) to redirect users to harmful websites or intercept their communication. They do it by altering the DNS responses. As a result, users think they are visiting a trusted website when they are actually interacting with the attacker's server.
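The SSLStrip entry above depends on the browser being willing to talk plain HTTP to the site. As an added example (not part of the original page), the following Python audits a pair of captured response heads for the two server-side settings that close that gap: a permanent redirect from HTTP to HTTPS and an HTTP Strict Transport Security (HSTS) policy. The host name, the sample responses and the 180-day threshold are assumptions made for illustration.

```python
# Added example; hosts and responses below are constructed sample data.
from email.parser import Parser

MIN_MAX_AGE = 15552000  # 180 days; assumed policy threshold, not a standard

def parse_head(raw):
    """Split a raw HTTP response head into (status_code, headers)."""
    status_line, _, rest = raw.partition("\r\n")
    headers = Parser().parsestr(rest, headersonly=True)
    return int(status_line.split()[1]), headers

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into its directives."""
    policy = {"max_age": 0, "include_subdomains": False}
    for part in (value or "").split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            policy["max_age"] = int(arg) if arg.isdigit() else 0
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
    return policy

def audit(http_raw, https_raw):
    """Return findings that leave a site open to an HTTPS downgrade."""
    findings = []
    status, headers = parse_head(http_raw)
    location = headers.get("Location", "")
    if status not in (301, 308) or not location.lower().startswith("https://"):
        findings.append("plain HTTP is not permanently redirected to HTTPS")
    _, tls_headers = parse_head(https_raw)
    hsts = parse_hsts(tls_headers.get("Strict-Transport-Security"))
    if hsts["max_age"] < MIN_MAX_AGE:
        findings.append("HSTS missing or max-age too short")
    elif not hsts["include_subdomains"]:
        findings.append("HSTS does not cover subdomains")
    return findings

WEAK = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
        "HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=300\r\n\r\n")
STRONG = ("HTTP/1.1 301 Moved Permanently\r\nLocation: https://shop.example/\r\n\r\n",
          "HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n")

if __name__ == "__main__":
    print(audit(*WEAK), audit(*STRONG))
```

A redirect alone still leaves the first plain-HTTP request exposed to interception; the HSTS policy is what tells a returning browser to skip that request entirely.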