ALERT

[WEBINAR] Building a Business-Driven Data Architecture

Sidejacking

Definition - What does Sidejacking mean?

Sidejacking refers to the use of unauthorized identification credentials to hijack a valid Web session remotely in order to to take over a specific Web server. Usually sidejacking attacks are performed through accounts where the user types in their username and password. Sidejacking attacks work to find a nonsecure sockets layer (SSL) cookie. Usually, websites that have users type in their usernames and passwords are the type that get sidejacked. Websites that use SSLs don’t have as much of a chance of being sidejacked, but if the webmasters neglect to authenticate the site itself through encryption, SSL use can be negated. Unsecured Wi-Fi hot spots are also vulnerable.

Sidejacking employs packet sniffing to steal a cookie and read network traffic. The data sent to the server or the Web pages viewed by the victim are captured, allowing the perpetrator to steal private information and impersonate the user for personal gain.

Techopedia explains Sidejacking

Many people would be surprised if they knew how easily someone can hijack the websites they use, especially through open Wi-Fi. Gone are the days when hackers were confined to their homes, conducting their clandestine computer intrusions. Now, a hacker could be sitting right next to his or her victim in a coffee shop, a library, an airport, or anywhere that the user’s password may be remembered on the system. Smartphones and laptops within these hot spots should also be used very carefully.

While it’s difficult to prove, if someone is caught accessing a password-protected page in an unauthorized manner, that person will be charged with a misdemeanor in the U.S. If more than $1,000 in damage occurs, the offense is considered a felony.

Computer experts suggest using a virtual private network when using Wi-Fi, which employs a security tunnel that impostors cannot access.

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources

[WEBINAR] Building a Business-Driven Data Architecture:
Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.