Hijacking:
When attacker injects malware and takes control of the system and redirects user to another website or home page is called Hijacking. This attack massively takes place over the remote computers. There are mainly three types of hijacking and they are:
-
Network hijacking:
Man-in-the-middle-attack can be counted as the network hijacking. In this attack, a perpetrator hijacks the connection of the two communicators, without their knowledge, intercepts their messages, and modifies the message and relay back to them. The two victims think that they are communicating with each other only but the actual scenario is totally different.
-
Browser Hijacking:
Also known as DNS hijacking, takes the requester to the adulterated site, when requested for the valid one. The attacker infects the DNS server itself, so that each time a user requests for the legitimate website, he/she ends up at the fake or disturbing site.
-
Website Hijacking:
Here, the attacker only has to register a domain name almost similar to that of the actual one. Now, whenever a user types address of that website either by mistake he/she will be redirected to the corrupted site, in many of the cases to porn sites.
Prevention:
- For remote access, strong authentication measures should be implemented. For sessions, periodic re-authentication should be enforced.
- Firewalls should be installed as and when required.
- Monitor the network traffic and vulnerable interruptions on a regular basis.
- Scanning tools should be installed in order to prevent the ongoing vulnerabilities.
- For the most sensitive data, a strong end to end encryption should be implemented.
