fbpx
08
May
2018

Session Hijacking

By HIPAA Vault

Session hijacking is the use of a valid computer session to gain access to otherwise prohibited parts of a computer system. Specifically, session hijacking refers to the use of a cookie to authenticate a user to a network that is breached. In this way, the attacker can use that cookie to trick the server into believing that he is actually the regular user.

Most modern computer systems are vulnerable to session hijacking attempts because they communicate using a standardized protocol to identify users. For example, one method an attacker might use is called a Session Fixation attack. A Session Fixation attack is when an attacker manually sets the session id to something he knows, and tricks the victim into entering their login credentials. The attacker might initiate this by sending a malicious email to the victim, with a link to a specific session. Once the user logs in, the attacker can pretend to be him by using the same session id.

HIPAA Vault has several layers of security that prevent session hijacking attacks. One layer involves requiring communication with a server to be through an ssh. The built-in security protocols that ssh provides is enough to prevent most session hijacking attempts. In addition, HIPAA Vault provides its own ssl-vpn that users must be connected to when communicating with the server. This makes it almost impossible to impersonate an authenticated user because it adds an additional requirement – above the session id – to establish the connection.

 

Our certifications