Threat action – interception

A threat action where an unauthorized user directly accesses critical data flowing between authorized sources and destinations. This includes the following:

• Theft: Obtaining access to data by stealing media, such as HDD, CD/DVD Drives, and USB.
• Wiretapping: Monitoring and storing the data flowing between two endpoints in the communication system with the aim of stealing the information.
• Man-in-the-Middle (MiTM): Intercepts traffic between the sender and the destination. Sensitive information can be obtained.