Sidejacking

What Does Sidejacking Mean?

Sidejacking refers to the use of unauthorized identification credentials to hijack a valid Web session remotely in order to to take over a specific Web server. Usually sidejacking attacks are performed through accounts where the user types in their username and password. Sidejacking attacks work to find a nonsecure sockets layer (SSL) cookie. Usually, websites that have users type in their usernames and passwords are the type that get sidejacked. Websites that use SSLs don’t have as much of a chance of being sidejacked, but if the webmasters neglect to authenticate the site itself through encryption, SSL use can be negated. Unsecured Wi-Fi hot spots are also vulnerable.

Advertisements

Sidejacking employs packet sniffing to steal a cookie and read network traffic. The data sent to the server or the Web pages viewed by the victim are captured, allowing the perpetrator to steal private information and impersonate the user for personal gain.

Techopedia Explains Sidejacking

Many people would be surprised if they knew how easily someone can hijack the websites they use, especially through open Wi-Fi. Gone are the days when hackers were confined to their homes, conducting their clandestine computer intrusions. Now, a hacker could be sitting right next to his or her victim in a coffee shop, a library, an airport, or anywhere that the user’s password may be remembered on the system. Smartphones and laptops within these hot spots should also be used very carefully.

While it’s difficult to prove, if someone is caught accessing a password-protected page in an unauthorized manner, that person will be charged with a misdemeanor in the U.S. If more than $1,000 in damage occurs, the offense is considered a felony.

Computer experts suggest using a virtual private network when using Wi-Fi, which employs a security tunnel that impostors cannot access.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Artificial Intelligence

What Do the New UK-US Global Guidelines for AI Security Really Mean?

Alex McFarland12 years
dummy_img
Cyber Threats

Cybersecurity Thanksgiving Attacks: Diverting Ambulances and Water Supplies

Ray Fernandez12 years
dummy_img
Featured Content

eTukTuk (TUK) is The Crypto Project To Invest In If You Want To Combat Climate Change

Alan Draper12 yearsEditor-in-Chief
dummy_img
Artificial Intelligence

ChatGPT’s Birthday Special: Celebrating 1 Year of Changing the World

Tim Keary12 yearsTechnology Expert
dummy_img
Blockchain

Project Guardian: Singapore’s Plan for DeFi and Tokenization

Jinia Shawdagor12 yearsEditor
dummy_img
Cloud Computing

The Top 8 Cloud Computing Podcasts

Linda Rosencrance12 yearsTechnology Journalist

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Investing
Investing
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
VoIP
VoIP
VPN
VPN