Eavesdropping in the cybersecurity world refers to the interception of communication between two parties by a malicious third party (hackers). Eavesdropping is similar to a sniffing attack, where software applications allow a hacker to steal usernames and passwords simply by observing network traffic. This often happens on Public Wi-Fi networks where it is relatively easy to spy on weak or unencrypted traffic or by putting up a fake Wi-Fi network for unsuspecting users to connect to.
In all three situations, hackers are eavesdropping on your communications seeking to steal login credentials, and other sensitive information on a user’s devices. Eavesdropping also allows hackers to listen into VoIP communications as well. Eavesdropping is often conducted by deploying “Stalkerware” onto unsuspecting users devices, often by someone you know (family member).
Source: ECPI University
Additional Reading: How Hackers Use An Ordinary Light Bulb To Spy On Conversations 80 Feet Away
Related Terms: Password Sniffing, Packet Sniffing
SMB owners don’t need to learn what eavesdropping attacks are, but they do need to employ someone who does. Protecting your SMB from Eavesdropping means you need a vCISO or a security focused Managed Service Provider (MSP) or Managed Security Services Provider (MSSP) worrying about this for you. There are simple “ounce of prevention” measures you must take as a business owner which will proactively prevent the “pound of cure” reaction when something goes wrong. Hackers are out there using Eavesdropping Attacks to break into your company. Proactively prevent this by leveraging a vCISO, CyberHoot, or both!
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreA newly uncovered cyberattack campaign is exploiting Zoom’s Remote Control feature to infiltrate the systems...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.