Partner
Cyber attacks involve the unauthorized access of private or confidential information contained on computer systems or networks, but the techniques and methods used by the attacker further distinguish whether the attack is an active cyber attack, a passive type attack, or some combination of the two. According to Symantec, both active and passive cyber attack types are defined by unique characteristics and techniques, and each type of attack presents unique challenges to victims, system users, system administrators and cybersecurity professionals. Knowing the difference between passive and active cyber attacks can help system users and administrators identify when an attack is taking place so that action can be take to try and contain the attack.
Active attacks are often aggressive, blatant attacks that victims immediately become aware of when they occur. Highly malicious in nature, active attacks often locking out users, destroying memory or files, or forcefully gaining access to a targeted system or network. Viruses, worms, malware, Denial of Service attacks, and password crackers are all examples of active cyber attacks. Usually, hackers that use active attacks are not much concerned with their activities being detected because by the time the attack is detected the damage is already done or is underway.
Passive attacks often employ non-disruptive and covert methods so that the hacker does not draw attention to the attack. The purpose of the passive attack is to gain access to the computer system or network and to collect data without detection. Many data security breaches involving the exposure of credit card and debit card payment information are the result of passive attacks, as are data breaches where the targeted data collected during the attack is user name, passwords and other personal identifying information.
Passive attacks are usually data gathering operations, which means they usually employ some sort of malware or hack that eavesdrops on system communications (i.e., scrubs email for personal identifying information) or records system communications (i.e., keystroke recording malware). Information that is gathered in a passive cyber attack is usually sold on the blackmarket and dark web for the financial gain of whoever perpetrated the passive attack.
There are many hackers that use a combination of active and passive techniques to gain unauthorized access to a system, network, or data. Oftentimes, a passive information gathering technique will be used first, and then once desired data has been collected, the hacker often launches an active attack to make a point or to accomplish some other goal. For instance, it is not uncommon for a hacker to acquire login credentials using a passive attack technique, and then actively access the system to wreck havoc on the network once inside. We’ve written previously about how hackers gain access to computer systems here.
Any business that is subjected to a cybersecurity breach needs to take steps to contain the breach and to notify those who have had their personal identifying information or payment information exposed as a result of the attack. Many states have breach notification laws that specify certain timeframes in which victims need to be notified. You will have to move quickly after a cyber security breach. The professionals at Revision Legal can help. Contact us using the form on this page or call us at 855-473-8474.
Image Credit: GlobeSign
Online affiliate marketing is big business now. Affiliate marketing, of course, has been around for a long time. Basically, a business or a person agrees to promote and recommend a product, a brand of products, or even a whole business in exchange for various things of value. Generally, the affiliate does not actually sell the […]
Read more about The Dos and Don’ts of Online Affiliate Marketing
Yes, as long as the proposed trademark meets the other requirements for registration. U.S. trademark laws do not require that only the English language can be used for trademarks. However, whatever the language, trademarks must meet the legal requirements, including functionality, distinctiveness, uniqueness, etc. For example, every trademark must function as a trademark in that […]
Read more about Can I Trademark a Non-English Word or Phrase in the U.S.?
In a new ruling, a California federal judge has declared the entirety of California’s Age-Appropriate Design Code Act (“CAADCA”) to be unconstitutional. Cal. Civ. Code §§ 1798.99.28 et seq. See media report here and the Opinion here. The case is Netchoice, LLC. v. Bonta, Case No. 22-cv-08861-BLF (US N.Dist. Cal, March 13, 2025). The CAADCA […]
Read more about California’s Age-Appropriate Design Code Act Declared Wholly Unconstitutional