Difference Between Active And Passive Attacks Explained (With Examples)

0 min read

The internet is evidently one of the biggest inventions of our time which affects the whole of mankind. It has made our lives simpler in more ways than one can count. But as David Bernstein rightly said- "For every lock, there is someone out there trying to pick it or break in". And same holds true for this advancement, as it has also opened us up to a world of attacks, i.e. cyberattacks. Do you know what that is? In this article we will discuss security attacks, as well as the difference between active and passive attacks, along with the other basics about cyber attacks. So read on!

What is a Security attack?

A cyber security attack is when a system's security is compromised or is in jeopardy through unauthorized/ illegal actions. The intent of such attacks is to modify, destroy, or steal any sensitive information or data for malicious purposes. These are classified into two types of attacks i.e. active and passive attacks. We will elaborate on the difference between active attack and passive attack ahead. Let's begin by discussing active attacks in detail.

What is an Active Attack?

An active cyber attack is when the hacker (not an ethical hacker) tries to affect the operations of a system or tries to alter its resources (including information stored in the system). These attacks involve either creation of false data or the modification of existing data. For example when a hacker tries to change the content of messages sent to or from the system. These attacks are extremely high-paced and cause heavy damage to the system (both in terms of hardware & software), and hence it is not easy to prevent them. Also, the victims of these cyber attacks are notified about it only when the malicious user tries to impinge their system.

Two things that you can do to prevent active cyberattacks are:

1. Setting up an OTP, i.e. One-Time Password, can help in authenticating the transaction process between sender and receiver.
2. Generating a random session key can also help to prevent the attacker from re-transmitting the information even after the end of the session.

Now let's look at an example of an active cyberattack. 

Example:

The bank manager sends an alert message to the customer to not provide any documents regarding the KYC updates.

Bank Manager: Do not click any link and do not provide documents regarding KYC verification.

Hacker modifies the message to: We request you to provide the documents regarding KYC verification. Click this link and proceed.

The customer gets the modified message and clicks on the link, falling victim to the cyber security breach.

Also read: Top 101 Java Interview Questions And Answers That IT Companies Ask!

Types of Active Attacks

1. Modification

Also referred to as an alteration and a replay attack, in these modification-based attacks, the integrity of the message is breached. There are three types of modification-based active cyberattacks:

a) Change - This is when the public information or confidential message is changed. In other words, the existing information is changed (i.e. incorrect information/ false message is sent to the receiver by the attacker).

b) Insertion - This is when the hacker inserts false information in place of the original message leading to message modification which is then sent to the user.

c) Deletion - This is when the activities of attackers include deleting the whole message from the sender, or a complete chunk of information.

2. Interruption or Masquerade Attack

It is a type of network attack wherein the hacker degrades the user's network connectivity of the user. For example, when the attacker interrupts the user's transaction by disconnecting the communication link or disrupting the operation of communication network.

3. Interception

Here, the attacker hacks the communication path between the users and the middleman to access confidential files or information. They can then read the content of communication and use the same for malicious purposes. 

4. Fabrication

In this type of attack, the attackers try to gain the trust of the compromised user and use the data to bring malicious actions to completion.

Some other types of active attacks are repudiation, denial of service, and replay attacks.  

What is a Passive Attack?

A Passive attack is sort of an eavesdropping attack wherein the hacker primarily wants to monitor/ observe, learn, and even use the information on the system but not harm its resources. This is the primary difference between active and passive attacks.

So even though the goal is to obtain information and not modify it, it is still a cyber security breach. In fact, the attacker can view all unencrypted messages, including personal messages, and financial or organizational information.

The few preventive measures against these passive type attacks are:

1. Avoid posting personal information on social media platforms,
2. Use encryption methods to prevent intruders from posing danger to the integrity of your information.

Let us consider an example of a passive cyber attack type to get a better picture. 

Example:

User 1: Hi, I have attached the complete source code of the application that we are going to launch within a week. You can view the file for reference.

Receiver 1: Receives the same message without any modification.

Attacker: Reads the message.

There are two types of passive cyberattacks:

1. Release of Information

2. Traffic Analysis

• Traffic Analysis: In this type of passive cyberattack, the hacker tries to decrypt the encrypted message from a sender to the receiver by analyzing the traffic. The hacker begins this passive network security attack by loading a software package inside the user's communication channels or network path. Even when the messages are encrypted the hacker can still determine the location and identity of communicating host and analyze his/her network to determine the frequency and length of communication/ messages. The attacker can use the information collected to make a good guess about the nature of the correspondence.  
• Release of Message Contents: We all know that electronic email messages, text messages, telephonic conversations, confidential file transfers, etc. all contain some level of sensitive information. So when an attacker gets unauthorized access to these messages and observes the info, it is referred to as the release of the message of contents. 

An Infographic for Difference Between Active Attacks and Passive Attacks

Before we move on to discuss the difference between active and passive attacks in detail, here is an infographic to help you get a basic idea of how they differ. Have a look!

What is the Difference Between Active and Passive Attacks?

In the table below we have clearly listed the various points of difference between active and passive attacks:

Examples of Active Attack and Passive Attack

Let's go through some common examples of active attacks and passive attacks in the real world to better understand the concepts: 

• Active attack: 
  • If a hacker or attacker launches an attack on a public Wi-Fi network to steal credit card information from users who are trying to shop online, then it's an active attack - more specifically, it's a type of man-in-the-middle active attack. 
  • An attack against the website of a competitor in order to disrupt their business operations is also a type of active attack. It's also known as a denial-of-service active attack.
• Passive attack: 
  • In order to launch a phishing attack against employeees, hackers may use traffic analysis to identify which employees of a company are regularly accessing websites that contain sensitive information. 
  • The use of port scanning to identify open ports on a company's network is also a form of passive attack. Using passive attack, hackers exploit the recognized vulnerabilities to gain access to the network and steal data.

Conclusion

We are sure that if you are interested in cyber security topics, you would have found this discussion on the difference between active and passive attacks interesting. We'd like to conclude by highlighting the fact that with the advancement of technology, the frequency of ongoing attacks is also increasing day by day. It is hence important for us to prevent these hackers from getting unlawful access to our information by keeping personal data safe. Leaving our communication links vulnerable to malicious entities is a great liability. 

We must hence transform ourselves into being the protectors rather than prey and safeguard ourselves against malicious programs. To do this, we must employ encryption techniques, take protective measures for our communication facilities, remove software vulnerabilities, and the like. 

You might also be interested in reading the following articles:

1. What is Flow Control in Computer Networks?
2. Difference Between Mealy Machine And Moore Machine [With Comparison Table]
3. What is The Difference Between Linear And Non Linear Data Structure?
4. Have No Idea Of Coding? Follow These Guidelines To Become A Data Scientist (With A Step-By-Step Guide)
5. Top 10 Best Programming Languages To Learn in 2023