Passive Reconnaissance

Last Updated: August 31, 2011

Definition - What does Passive Reconnaissance mean?

Passive reconnaissance is a form of targeted information data collection that takes place when an individual’s personal data, such as a password, is stolen without the targeted individual's knowledge. Passive reconnaissance is defined as a malicious hack whereby the target may be observed, and they may be impersonated by the hacker for data collection purposes.

Passive reconnaissance can take place when the hacker is sifting through the targeted individual’s garbage in order to obtain discarded papers, which may contain the private information required to follow through with a malicious act online. Discarded computers are another source of information for hackers.

Traffic activity on a modem can be read and analyzed during passive reconnaissance by remotely analyzing the LED traffic activity lights. Secure shell (SSH) keystroke timing is another way that passive reconnaissance is enlisted.

[Free White Paper] Demystifying data science: How organizations can benefit from artificial intelligence and advanced analytics

Techopedia explains Passive Reconnaissance

Passive reconnaissance targeting is usually done for malicious purposes that somehow benefit the hacker. However, there is such a thing as ethical passive reconnaissance. This is called hacktivism and can be carried out through passive reconnaissance. This version of passive reconnaissance is perpetrated by hactivists who are trying to gain information that will support their political causes or other such ethical motivations. Law enforcement officials may also use passive reconnaissance as part of a criminal investigation. Ethical or not, passive reconnaissance is always done without the authorization of the person or organization that is being targeted.