Session Hijacking Attack

A Session Hijacking Attack occurs when an attacker takes over a user's session. A normal session starts when you log into a service, for example your banking application, and ends when you log out. Because the attack relies on the attacker obtaining your session cookie, it is also called "cookie hijacking" or "cookie side-jacking". Although any computer session could be hijacked, session hijacking most commonly applies to browser sessions and web applications. In most cases when you log into a web application, the server sets a temporary session cookie in your browser to remember that you are currently logged in and authenticated. HTTP is a stateless protocol, and a session cookie that the browser sends in the Cookie header of every subsequent request is the most common way for the server to identify your browser and your current session. Whoever presents that cookie is, as far as the server can tell, you.

To perform session hijacking, an attacker needs to know or be able to predict the victim's session ID. The attacker can obtain it by stealing the session cookie (sniffing it on an unencrypted connection, reading it through cross-site scripting, or lifting it from the browser with malware), by guessing it when the server issues predictable IDs, or by persuading the user to follow a malicious link that carries a session ID the attacker prepared in advance; this last technique is known as session fixation. In each case, once the user has authenticated to the server, the attacker presents the same session ID from their own browser. The server cannot tell the two clients apart and treats the attacker's connection as the original user's valid, authorized session.
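The following Python script is an added example, not code from this page or from Netsparker. It models a web application's session store in two modes: a vulnerable one that hands out sequential session IDs and adopts any ID a client presents, and a hardened one that draws IDs from the OS CSPRNG and issues a fresh ID at login. It then runs the session fixation attack described above against both, and shows how sequential IDs let an attacker guess a neighbour's session. The class, function and account names and the credentials are constructed for the demo.

```python
import itertools
import secrets

# Constructed test account; not a real credential.
USERS = {"alice": "hunter2"}


class SessionStore:
    """Hypothetical in-memory session store (session_id -> username).

    hardened=False reproduces two classic weaknesses: sequential session IDs
    and a client-supplied ID that is kept across login (session fixation).
    hardened=True uses 256-bit random IDs and rotates the ID at login.
    """

    def __init__(self, hardened):
        self.hardened = hardened
        self.sessions = {}              # session_id -> username, None = anonymous
        self._seq = itertools.count(4000)

    def _new_id(self):
        if self.hardened:
            return secrets.token_urlsafe(32)   # 32 random bytes from the OS CSPRNG
        return str(next(self._seq))            # predictable counter

    def visit(self, supplied_sid=None):
        """First request from a browser. The vulnerable server adopts any ID
        the client presents (for example from a link carrying ?sid=...)."""
        if supplied_sid is not None and not self.hardened:
            self.sessions.setdefault(supplied_sid, None)
            return supplied_sid
        sid = self._new_id()
        self.sessions[sid] = None
        return sid

    def login(self, sid, username, password):
        """Authenticate the user behind an existing pre-login session."""
        if USERS.get(username) != password or sid not in self.sessions:
            raise PermissionError("bad credentials or unknown session")
        if self.hardened:
            # Rotate: the pre-login ID, which an attacker may already know,
            # is discarded and only the fresh ID is bound to the user.
            del self.sessions[sid]
            sid = self._new_id()
        self.sessions[sid] = username
        return sid

    def whoami(self, sid):
        """What the server believes about the client presenting this ID."""
        return self.sessions.get(sid)


def session_fixation(store):
    """Attacker plants a session ID, the victim logs in with it, the attacker
    replays it. Returns the user the attacker ends up acting as (None = failed)."""
    attacker_sid = store.visit()                        # attacker gets a valid anonymous ID
    victim_sid = store.visit(supplied_sid=attacker_sid)  # victim follows a link carrying it
    store.login(victim_sid, "alice", "hunter2")         # victim authenticates normally
    return store.whoami(attacker_sid)                   # attacker reuses the planted ID


def enumerate_neighbours(store, own_sid, radius=5):
    """With sequential IDs, an attacker who knows their own ID can guess the
    IDs handed to users who logged in shortly before or after them."""
    hits = []
    try:
        base = int(own_sid)
    except ValueError:            # random IDs have no arithmetic neighbours
        return hits
    for n in range(base - radius, base + radius + 1):
        user = store.whoami(str(n))
        if user:
            hits.append((str(n), user))
    return hits


if __name__ == "__main__":
    print("fixation, vulnerable store:", session_fixation(SessionStore(hardened=False)))
    print("fixation, hardened store:  ", session_fixation(SessionStore(hardened=True)))
    weak = SessionStore(hardened=False)
    weak.login(weak.visit(), "alice", "hunter2")     # a victim logs in first
    print("neighbour guessing:", enumerate_neighbours(weak, weak.visit()))
```

Against the vulnerable store the attacker ends up logged in as alice without ever seeing her password; against the hardened store the planted ID is discarded at login and the replay returns nothing. The two fixes are independent: random IDs stop guessing, and rotation at login stops fixation even if an ID leaks beforehand.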

Source: NetSparker

Additional Reading:

  1. Corporate Account Takeover Attacks: Detecting and Preventing
  2. What is Session Hijacking: Your quick guide to session hijacking attacks

What does this mean for an SMB?

Educating your employees and staff on the risks of everyday Internet use, and on what they can do to reduce the likelihood of a breach, is the first line of defense against a session hijacking attack. It is not a complete defense on its own. The controls that stop a stolen or planted session ID from being useful sit in the application and on the network: serving the site only over HTTPS, marking session cookies Secure, HttpOnly and SameSite, generating session IDs from a cryptographically secure random source, issuing a fresh session ID at login, and expiring sessions after a short idle period.

These attacks are often set in motion by a user clicking a phishing link, opening an attachment that installs malware able to read cookies out of the browser, or using the application over an open Wi-Fi network where the session cookie can be sniffed. By educating employees on the dangers of phishing, along with using CyberHoot's Phish Testing modules, you can significantly reduce the likelihood of you or your company becoming the victim of an attack like this.
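As an added example that is not CyberHoot's code, here is a small Python auditor for the Set-Cookie header an application sends when it creates a session. It flags the missing attributes that make a session cookie easy to steal or replay: no Secure flag (side-jacking on plain HTTP), no HttpOnly flag (readable by injected script), weak or absent SameSite, a short and therefore guessable ID, and a long lifetime. The sample headers, thresholds and function names are constructed for this demo; the length check is a heuristic, and Expires dates are not parsed.

```python
MIN_ID_CHARS = 22               # 22 base64url chars is roughly 128 bits (heuristic)
MAX_SESSION_SECONDS = 8 * 3600  # anything longer than a working day is flagged

DESCRIPTIONS = {
    "no-secure": "no Secure flag: cookie also travels over plain HTTP and can be sniffed",
    "no-httponly": "no HttpOnly flag: script in the page (e.g. via XSS) can read the cookie",
    "samesite-weak": "SameSite absent or None: cookie is attached to cross-site requests",
    "short-id": f"session ID shorter than {MIN_ID_CHARS} chars: may be guessable",
    "long-lived": f"Max-Age above {MAX_SESSION_SECONDS}s: widens the window for replay",
}

# Constructed sample headers, not captured from any real site.
WEAK_HEADER = "PHPSESSID=4001; Path=/; Max-Age=2592000"
STRONG_HEADER = ("__Host-sid=ZLxq6mYv0Kq9tsX2bVt7G8h4QbWcJdUwEnRpFcLg2Wk; Path=/; "
                 "Secure; HttpOnly; SameSite=Lax; Max-Age=3600")


def parse_set_cookie(header):
    """Return (name, value, attrs). attrs maps lower-cased attribute names to
    their value, or to True for flag attributes such as Secure and HttpOnly."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, sep, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), value.strip(), attrs


def audit_session_cookie(header):
    """Return the list of finding codes for one Set-Cookie header ([] = clean)."""
    _, value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("no-secure")
    if "httponly" not in attrs:
        findings.append("no-httponly")
    samesite = attrs.get("samesite")
    # A bare "SameSite" with no value, or SameSite=None, gives no cross-site protection.
    if not isinstance(samesite, str) or samesite.lower() == "none":
        findings.append("samesite-weak")
    if len(value) < MIN_ID_CHARS:
        findings.append("short-id")
    max_age = attrs.get("max-age")
    if isinstance(max_age, str) and max_age.isdigit() and int(max_age) > MAX_SESSION_SECONDS:
        findings.append("long-lived")
    return findings


def report(header):
    """Human-readable version of the audit, one line per finding."""
    return [DESCRIPTIONS[code] for code in audit_session_cookie(header)]


if __name__ == "__main__":
    for label, header in (("weak", WEAK_HEADER), ("strong", STRONG_HEADER)):
        print(f"{label}: {report(header) or ['no findings']}")
```

Run it against a real login response by pasting the server's Set-Cookie value in place of the samples. The `__Host-` prefix on the hardened cookie is a browser-enforced rule, not just a naming convention: browsers only accept such a cookie if it is Secure, has no Domain attribute and has Path=/.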

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your employees are cyber trained and on guard!
