A
passive attack observes or intercepts data without modifying it — eavesdropping, traffic analysis, shoulder surfing, photographing sensitive information.
Passive attacks are hard to detect — no interaction with target systems. Active attacks (modify data, inject packets) leave traces. Encryption defeats passive eavesdropping. Traffic analysis counters: onion routing, traffic shaping, dummy traffic.