Dark Mode

Settings

Capec-651 Detail

Eavesdropping

Standard Communications Software Physical Security Typical Severity: Medium

Parents: 117

Children: 508 634 699

Threats: T60 T65 T277 T291 T340 T383 T396

Tools: 14

Description

An adversary intercepts a form of communication (e.g. text, audio, video) by way of software (e.g., microphone and audio recording application), hardware (e.g., recording equipment), or physical means (e.g., physical proximity). The goal of eavesdropping is typically to gain unauthorized access to sensitive information about the target for financial, personal, political, or other gains. Eavesdropping is different from a sniffing attack as it does not take place on a network-based communication channel (e.g., IP traffic). Instead, it entails listening in on the raw audio source of a conversation between two or more parties.

Not present

External ID Source Link Description
CAPEC-651 capec https://capec.mitre.org/data/definitions/651.html
CWE-200 cwe http://cwe.mitre.org/data/definitions/200.html
T1111 ATTACK https://attack.mitre.org/wiki/Technique/T1111 Multi-Factor Authentication Interception

Not present

  1. The adversary typically requires physical proximity to the target's environment, whether for physical eavesdropping or for placing recording equipment. This is not always the case for software-based eavesdropping, if the adversary has the capability to install malware on the target system that can activate a microphone and record audio digitally.
  1. For logical eavesdropping, some equipment may be necessary (e.g., microphone, tape recorder, etc.). For physical eavesdropping, only proximity is required.

Not present

Confidentiality
Other (The adversary gains unauthorized access to information.)

Not present

We use cookies to ensure you get the best experience on our website.