Interception

Overview

In an Information Security context, an interception refers one of the four broad categories used to classify attack patterns. The actual or intended effect of an interception attack is that unintended parties gain access to information or other digital assets (applications, environments, files).

Common Examples

  • Network sniffing/eavesdropping
  • Man In The Middle (MITM) hijacking

Lawful Uses

While commonly discussed as a malicious activity in the InfoSec world, interception is also sometimes used for lawful purposes in law enforcement, intelligence gathering and administrative or regulatory auditing.

Related Concepts

Attack Classifications

Information Security parlance often references four major categories as the broadest-stroke classifications attacks patterns and threats. Interception represents one of these categories. The others are:

  1. Interruption
  2. Modification
  3. Fabrication

Interception attacks represent the first and perhaps the most common of these broad classifications.

Interrelationship with Security Models

Interception attacks are generally designed to target and undermine the Confidentiality pillar of the CIA Triad security model.

Within the Parkerian Hexad model, interception attacks target and undermine the AuthenticityConfidentiality and Possession/Control pillars.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.