Session hijacking is an attack that involves the exploitation of an already-established session between devices.
A ‘session’ is the connection between two communicating systems in which some form of state is maintained.
When two systems want to communicate they need to go through a series of stages throughout the communication process.
For example, when a user checks email on a server, a cookie containing information about the duration for which the user can browse without re-authenticating is stored on the server.
When an individual is done, standard protocol would be to log off from the website and exit the browser.
During session hijacking, a hacker steals the cookie information before the individual can log off and saves it in their own cookie folder to access the same site.
Because the cookie is still considered valid, this would allow the attacker to browse through the individual’s emails without having to re-authenticate their identity.
To prevent session hijacking:
- Make sure to properly terminate any session by logging off immediately once the work is done. Do not just close the browser thinking that the session will time out by itself.
- Do not use public computers for browsing sensitive sites like banking, online shopping, etc.
- Keep your systems secure from external attacks.
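As an added illustration of the first point (this is example code written for this page, not part of the original answer), the server-side session store below assumes a token-based cookie session and shows why a copied cookie keeps working until the user explicitly logs off or the idle timeout elapses, and which cookie attributes make theft harder. The `SessionStore`, `IDLE_TIMEOUT` and `cookie_header` names are assumptions for this example.

```python
import os
import time

IDLE_TIMEOUT = 15 * 60  # seconds of inactivity after which a session is treated as expired


class SessionStore:
    """Server-side session table: token -> {user, last_seen}.

    The clock is injectable so that timeout behaviour can be exercised without sleeping.
    """

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}

    def login(self, user):
        # 256-bit random token: unguessable, so hijacking requires stealing it, not predicting it
        token = os.urandom(32).hex()
        self._sessions[token] = {"user": user, "last_seen": self._clock()}
        return token

    def resolve(self, token):
        """Return the user for a presented token, or None if it is unknown or idle-expired."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        if self._clock() - entry["last_seen"] > IDLE_TIMEOUT:
            del self._sessions[token]  # stale session: discard it server-side
            return None
        entry["last_seen"] = self._clock()
        return entry["user"]

    def logout(self, token):
        """Explicit logoff: the token is dropped server-side, so any copy of the cookie is useless afterwards."""
        self._sessions.pop(token, None)


def cookie_header(token):
    # HttpOnly: not readable by page script; Secure: only sent over TLS; SameSite: not sent cross-site
    return f"session={token}; HttpOnly; Secure; SameSite=Strict; Path=/"
```

Closing the browser without calling `logout` leaves the entry in place until `IDLE_TIMEOUT` passes, which is exactly the window in which a stolen cookie remains valid.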