Replay Attack

What Is Replay Attack?

A replay attack occurs when a cybercriminal intercepts a private network connection and then illegally delays or redirects it to deflect the network user to the hacker’s desired outcome.

Deeper Definition

A replay attack, also known as a “man-in-the-middle attack,” is a security breach during which data is collected without authorization and then rerouted to fool the recipient into doing unlawful actions such as false identity or verification of an identical operation.

The fundamental characteristic of the Replay Attack is that the recipient gets the message twice, therefore the name.

An unauthorized person, i.e., Hackers, may carry out these assaults by following a simple three-step method. First, they eavesdrop during a secure electronic communication pathway to learn about the sorts of activities taking place. They then steal valid user data such as log-in details, user activity, machine and browser specifications, and security codes. Eventually, the hacker deceptively “replays” or resends the information acquired in order to mislead the web host into believing the hacker is a legitimate user of the platform.

Even if the information is encrypted and the hacker does not have access to the original credentials and passcodes. Retransmission of legitimate log-in messages is adequate to acquire network access.

A replay attack can be avoided by utilizing strong internet credentials or authorization with timestamps and specific information from prior transactions, such as with the value of a continually increased sequence number.

Other techniques used against replay attacks include the sequencing of messages and the non-acceptance of duplicated messages.

Additionally, one-time passwords(OTPs) could be used to prevent replay attacks. This has been seen in many banking services already.

Replay Attack Example

Assume Willy seeks to receive $100 from Jane, and in order to do so, he must first send Jane a verification message. Jane gets the verification message and sends him the amount requested. Jane then receives another verification message, a clone from the previous message hijacked by a hacker. Since Jane trusts Willy, she sends the amount requested to the attached account details.  However, instead of Willy, the money is sent to the hacker.