What Is an Eavesdropping Attack?
An eavesdropping attack, also known as a sniffing or snooping attack, is a theft of information as it is transmitted over a network by a computer, smartphone, or another connected device.
The attack takes advantage of unsecured network communications to access data as it is being sent or received by its user.
Key Takeaways
- An eavesdropping attack is the theft of information from a smartphone or other device while the user is sending or receiving data over a network.
- Eavesdropping attacks can be prevented by using a personal firewall, keeping antivirus software updated, and using a virtual private network (VPN).
- Avoiding public Wi-Fi networks and adopting strong passwords are other ways to prevent eavesdropping attacks.
Eavesdropping is a deceptively mild term. The attackers are usually after sensitive financial and business information that can be sold for criminal purposes. There also is a booming trade in so-called spouseware, which allows people to eavesdrop on their loved ones by tracking their smartphone use.
Understanding the Eavesdropping Attack
An eavesdropping attack can be difficult to detect because the network transmissions will appear to be operating normally.
To be successful, an eavesdropping attack requires a weakened connection between a client and a server that the attacker can exploit to reroute network traffic. The attacker installs network monitoring software, the "sniffer," on a computer or a server to intercept data as it is transmitted.
Amazon Alexa and Google Home are vulnerable to eavesdropping, as are any internet-connected devices.
Any device in the network between the transmitting device and the receiving device is a point of weakness, as are the initial and terminal devices themselves.
How to Foil an Eavesdropping Attack
Eavesdropping attacks can be prevented by using a personal firewall, keeping antivirus software updated, and using a virtual private network (VPN).
Using a strong password and changing it frequently helps, too. And don't use the same password for every site you log onto.
Public Wi-Fi networks such as those that are available free in coffee shops and airports should be avoided, especially for sensitive transactions. They are easy targets for eavesdropping attacks. The passwords for these public networks are readily available, so an eavesdropper can simply log on and, using free software, monitor network activity and steal login credentials along with any data that other users transmit over the network.
If your Facebook or email account has been hacked lately, this is probably how it happened.
Virtual Assistants Can Be Spied Upon
Virtual assistants such as Amazon's Alexa and Google Home also are vulnerable to eavesdropping and their "always-on" mode makes them difficult to monitor for security.
Some reported incidents that the companies did the snooping themselves appear to have been accidents caused by mistakes in speech recognition.
Avoid Dodgy Links
Another way to limit your vulnerability to an attack is to make sure your phone is running the most recent version available of its operating system. However, its availability is up to the phone vendor, who may or may not be efficient about offering the update.
Even if you do all of the above, you have to be careful from day to day. Avoid clicking on dodgy links. The sites they link to may install malware on your device. Download apps only from the official Android or Apple stores.
An IV attack is usually associated with which of the following wireless protocols?
A. WEP
B. WAP
C. WPA
D. WPA2
A.
An IV attack is usually associated with the WEP wireless protocol.
What is the size of the initialization vector (IV) that WEP uses for encryption?
A. 6-bit
B. 24-bit
C. 56-bit
D. 128-bit
B.
The initialization vector (IV) that WEP uses for encryption is 24-bit.
What is the size of the wrapper TKIP places around the WEP encryption with a key that is based on things such as the MAC
address of your machine and the serial number of the packet?
A. 128-bit
B. 64-bit
C. 56-bit
D. 12-bit
A.
TKIP places a 128-bit wrapper around the WEP encryption with a key that is based on things such as the MAC address of the host device and the serial number of the packet.
What technology is used to send data between phones that are
in close proximity to each other?
A. NFC
B. IBI
C. IBJ
D. IFNC
A.
Near field communication (NFC) is used to send data between phones that are in close proximity.
What technology is used to simplify network setup by allowing a router to have the administrator push a button on it to allow a new host to join?
A. WEP
B. WPA
C.
WTLS
D. WPS
D.
WPS (Wi-Fi Protected Setup) is intended to simplify network setup for home and small offices.
Which of the following technologies is used to identify and track tags attached to objects?
A. NFC
B. RFID
C. IV
D. DSC
B.
RFID (radio frequency identification)
technology is used to identify and track tags attached to objects.
What type of attack captures portions of a session to play back later to convince a host that it is still talking to the original connection?
A. Replay
B. Echo
C. Duplication
D. Reprise
A.
A replay attack captures portions of a session to play back later to convince a
host that it is still talking to the original connection.
Which standard defines port-based security for wireless network access control?
A. 802.1n
B. 802.1g
C. 802.1x
D. 802.1s
C.
The 802.1x standard defines port-based security for wireless network access control.
Which of the following types of attacks involves the sending of unsolicited messages over a Bluetooth connection?
A. Bluesmurfing
B. Bluesnarfing
C. Bluewhaling/>D. Bluejacking
D.
Bluejacking is the sending of unsolicited messages over a Bluetooth connection.
Karl has checked into a hotel
after a long day of travel. He is attempting to check his daily deluge of email messages using the free in-room Wi-Fi, but it keeps losing the connection. When he calls the front desk, they suggest that he might want to use the premium the Wi-Fi (which costs more) to get a better connection. What type of attack could this scenario represent?
A. Upselling
B. Cross-selling
C. Disassociation<br/>D. Imitation
C.
With a
disassociation attack, the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network.
Frustrated with the low signal that the devices in his cubicle receive, Spencer brings in his own access point and creates his own network. Kristin, a co-worker, tells him that if the boss finds out about this it is grounds for immediate
dismissal, and he should read the employee handbook if he has any questions. Setting up your own access point represents which of the following?
A. Degenerate
B. Rogue
C. Corporeal
D. Temporal
B.
A rogue access point is any unauthorized wireless access point on a network.
During the authentication part of setting up his small office access point, Wolfgang was required to enter a PIN within 60 seconds. This process is known as:
A. Wired Equivalent Privacy
B. Wi-Fi Protected Access
C. Wi-Fi Protected Setup
D. Wi-Fi Authentication Protection
C.
An authentication process that requires the user to do something in order to complete the enrollment process is known as Wi-Fi Protected Setup (WPS).
Which security protocol for wireless networks attempts to establish the same security for them as would be present in a wired network?
A. WEP
B. WEB
C. WELL
D. WALL
A.
Wired Equivalent Privacy (WEP) is a security protocol for 802.11b (wireless) networks that attempts to establish the same security for them as would be present in a wired network.
Evan fears that the tenant in the office next door is using RF interference to try to force his small company to vacate the building in frustration. Purposely obstructing or interfering with a signal is known as which of the following?
A. Shoving
B. Jamming
C. Cramming
D. Blocking
B.
Jamming is purposely obstructing or interfering with a signal.
What is a disassociation attack more commonly known as?
A. Decertification attack
B. Disconfirmation attack
C. Deauthentication attack
D. Denial attack
C.
A disassociation attack is commonly referred to as a deauthentication attack.
With near field communication (NFC) technology, the industry tends to use what distance as “near”?
A. 1 inch
B. 1.2 inches
C. 1.6 inches
D. 2 inches
C.
While there is no hardcoded standard defining “near,” the industry tends to use 4cm (1.6 inches) as the distance.
With Bluetooth devices suddenly popping up everywhere in your
network, you want to secure as many of them as possible. One of the simplest methods of securing these devices is not to set their attribute to:
A. Discoverable
B. Transmit
C. Announce/>D. Communicate
A.
One of the simplest ways to secure Bluetooth devices is not to set their attribute to Discoverable.
Which of the following is the
gaining of unauthorized access through a Bluetooth connection?
A. Bluejumping
B. Bluesnarfing
C. Bluerunningr/>D. Bluelining
B.
Bluesnarfing is the gaining of unauthorized access through a Bluetooth connection.
A client calls you and says that he wants to turn off the SSID broadcast on his small network because he is afraid that
those simply scanning for a network are finding it and trying to connect to it. You inform him that this is a very weak form of security and suggest some other options, but he is insistent on this being done. What is this form of hiding the router known as?
A. Veiling
B. Masking
C. Shrouding
D. Cloaking
D.
Cloaking is a method of protecting the network that involves turning off the SSID broadcast. The access point is still
there and accessible by those who know of its existence, but it prevents those who are just scanning from finding it.
Which of the following is attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?
A. Collision
B. Evil twin
C. NFC
D. WPS
B.
In an
evil twin attack, a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.