A sniffing attack is an act of intercepting or capturing data while in transit through a network. The concept is similar to law enforcers wiretapping a suspect’s phone line to gather necessary information. Remember when the Federal Bureau of Investigation (FBI) wiretapped Leonardo DiCaprio’s phones in the movie The Wolf of Wall Street? So instead of using wiretaps to catch bad guys and seek justice, sniffing attacks are employed by cybercriminals to steal data.
During a sniffing attack, hackers can steal any information victims transmit as long as it is not encrypted. The data can include usernames, passwords, bank and credit card accounts, favorite websites, and email messages. Cybercriminals can then use this data to further steal from victims. For one, they could access a victim’s bank accounts and use his/her credit card details in fraudulent transactions. They could also sell stolen usernames and passwords on the Dark Web or steal victims’ identities.
Read More about a “Sniffing Attack”
Sniffing attacks are also called “packet sniffing” or “network sniffing” attacks because the cybercriminals sniff data packets within a network. A data packet is a unit of data sent and received on a network. When you send an email, for example, your message travels the network in the form of data packets. And when an attacker sniffs this packet, they would have access to your email’s content and know who its recipient is.
Real-Life Sniffing Attack
Just as wiretapping does not only happen in movies, there have also been several recorded cases of real-life sniffing attacks. One significant example occurred in 2009 when Heartland Payment Systems suffered a security breach that allowed sniffers access to credit cardholder data. The online payment processing company had to pay victims US$12.6 million as fine for insufficiently protecting customers against the sniffing attack.
Types of Sniffing Attacks
Sniffing attacks fall into two categories—active and passive.
Active sniffing attacks
Active sniffing occurs when an attacker interacts with network traffic as in a traffic-flooding attack. The victim could detect someone sniffing data from his/her network during such an attack.
Passive sniffing attacks
Passive sniffing attacks, on the other hand, are more dangerous as victims may not know that an attacker is spying on them for a long time without getting detected. In such an attack, an attacker listens in and intercepts network traffic without interacting with it.
How to Protect against Sniffing Attacks
Since sniffers can only steal unencrypted data, a logical solution is to make sure that all network traffic is encrypted. How is this done? Below are some tips.
- HyperText Transfer Protocol Secure (HTTPS): Make sure that you only input login credentials on web pages that use HTTPS. HTTPS means that your sessions are encrypted, making it difficult for sniffers to steal your username and password.
- HTTPS Everywhere: HTTPS Everywhere is a browser extension designed to use HTTPS on almost every website automatically. It was developed by the Tor Project and the Electronic Frontier Foundation (EFF). It is available on Google Chrome, Firefox, and Opera.
- Virtual private network (VPN): A VPN is a tool that encrypts all network traffic. Anyone spying or sniffing wouldn’t see the websites you’re visiting nor the data you send and receive.
Keep in mind that even when someone launches a sniffing attack against your network, he/she can’t steal anything valuable from you if you keep your traffic encrypted.