In an Information Security context, an interception refers one of the four broad categories used to classify attack patterns. The actual or intended effect of an interception attack is that unintended parties gain access to information or other digital assets (applications, environments, files).
- Network sniffing/eavesdropping
- Man In The Middle (MITM) hijacking
While commonly discussed as a malicious activity in the InfoSec world, interception is also sometimes used for lawful purposes in law enforcement, intelligence gathering and administrative or regulatory auditing.
Information Security parlance often references four major categories as the broadest-stroke classifications attacks patterns and threats. Interception represents one of these categories. The others are:
Interception attacks represent the first and perhaps the most common of these broad classifications.
Interrelationship with Security Models
Interception attacks are generally designed to target and undermine the Confidentiality pillar of the CIA Triad security model.
Within the Parkerian Hexad model, interception attacks target and undermine the Authenticity, Confidentiality and Possession/Control pillars.