Definition
A passive attack is a cyberattack in which an attacker secretly intercepts and monitors network traffic without altering or tampering with the data or engaging with the target system.
The main aim is to collect sensitive information without raising suspicion. This type of attack is difficult to detect because, unlike an active attack, it doesn’t interfere with or affect the normal operation of a network or system.
Passive Attack Examples
- Wiretapping: The attacker covertly listens to or intercepts phone calls or other electronic communications to access sensitive information.
- Packet sniffing: An attacker intercepts network packets to collect personal information like usernames and passwords.