Data Interception Attacks
Attack Pattern ID: 117 (Standard Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft
Summary
An attacker monitors data streams to or from a target in order to gather information. This attack may be undertaken to gather information to support a later attack, or the data collected may be the end goal of the attack. This attack usually involves sniffing network traffic, but may include observing other types of data streams, such as radio. In most varieties of this attack, the attacker is passive and simply observes regular communication; in some variants, however, the attacker may attempt to initiate the establishment of a data stream or influence the nature of the data transmitted. In all variants of this attack, and distinguishing it from other data collection methods, the attacker is not the intended recipient of the data stream. Unlike some other data leakage attacks, the attacker is observing explicit data channels (e.g. network traffic) and reading the content. This differs from attacks that collect more qualitative information, such as communication volume, or other information not explicitly communicated via a data stream.
Any target that transmits information over a network is potentially vulnerable to this attack.
The attacker must have the necessary technology to intercept information passing between the nodes of a network. For TCP/IP, the capability to run tcpdump, Ethereal, etc. can be useful. The technological requirements change depending on the data being targeted.
CWE-ID | Weakness Name | Weakness Relationship Type |
---|---|---|
311 | Missing Encryption of Sensitive Data | Targeted |
Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|
ChildOf | Category | 118 | Data Leakage Attacks | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 31 | Accessing/Intercepting/Modifying HTTP Cookies | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 157 | Sniffing Attacks | | Mechanism of Attack (primary) 1000 |