toggle accessibility mode
active cyber attacks

Active vs Passive Cyber Attacks Explained

By John DiGiacomo

Cyber attacks involve the unauthorized access of private or confidential information contained on computer systems or networks, but the techniques and methods used by the attacker further distinguish whether the attack is an active cyber attack, a passive type attack, or some combination of the two. According to Symantec, both active and passive cyber attack types are defined by unique characteristics and techniques, and each type of attack presents unique challenges to victims, system users, system administrators and cybersecurity professionals. Knowing the difference between passive and active cyber attacks can help system users and administrators identify when an attack is taking place so that action can be take to try and contain the attack.

Active Cyber Attacks

Active attacks are often aggressive, blatant attacks that victims immediately become aware of when they occur. Highly malicious in nature, active attacks often locking out users, destroying memory or files, or forcefully gaining access to a targeted system or network. Viruses, worms, malware, Denial of Service attacks, and password crackers are all examples of active cyber attacks. Usually, hackers that use active attacks are not much concerned with their activities being detected because by the time the attack is detected the damage is already done or is underway.

Passive Cyber Attacks

Passive attacks often employ non-disruptive and covert methods so that the hacker does not draw attention to the attack. The purpose of the passive attack is to gain access to the computer system or network and to collect data without detection. Many data security breaches involving the exposure of credit card and debit card payment information are the result of passive attacks, as are data breaches where the targeted data collected during the attack is user name, passwords and other personal identifying information.

Passive attacks are usually data gathering operations, which means they usually employ some sort of malware or hack that eavesdrops on system communications (i.e., scrubs email for personal identifying information) or records system communications (i.e., keystroke recording malware). Information that is gathered in a passive cyber attack is usually sold on the blackmarket and dark web for the financial gain of whoever perpetrated the passive attack.  

Use of Both Active Attacks and Passive Attacks

There are many hackers that use a combination of active and passive techniques to gain unauthorized access to a system, network, or data. Oftentimes, a passive information gathering technique will be used first, and then once desired data has been collected, the hacker often launches an active attack to make a point or to accomplish some other goal. For instance, it is not uncommon for a hacker to acquire login credentials using a passive attack technique, and then actively access the system to wreck havoc on the network once inside. We’ve written previously about how hackers gain access to computer systems here.

Contact a Data Breach Lawyer

Any business that is subjected to a cybersecurity breach needs to take steps to contain the breach and to notify those who have had their personal identifying information or payment information exposed as a result of the attack. Many states have breach notification laws that specify certain timeframes in which victims need to be notified. You will have to move quickly after a cyber security breach. The professionals at Revision Legal can help. Contact us using the form on this page or call us at 855-473-8474.

Image Credit: GlobeSign

Put Revision Legal on your side