0 votes
Sidejacking is the hijacking of an open Web session.
a) True
b) False

by User TGW (8.0k points)

1 Answer

2 votes

Final answer:

Sidejacking refers to the malicious act where an attacker intercepts session cookies to impersonate a user on a web service, often occurring on unsecured wireless networks. To prevent sidejacking, individuals should use HTTPS encrypted connections, and websites should use secure, HttpOnly cookies.

Step-by-step explanation:

Sidejacking is indeed the hijacking of an open Web session. The term sidejacking refers to the malicious practice where an attacker uses packet sniffing to intercept and use the session cookies from a user who is logged into a web service. Once the attacker has these cookies, they can impersonate the user on the website.

Hijackers typically perform sidejacking on unsecured wireless networks where data is transmitted in plaintext, meaning encryption is not used. This makes it relatively easy for attackers to capture sensitive data with the right tools. To protect against sidejacking, users should ensure they are using secure, encrypted connections (HTTPS) whenever possible, especially when accessing sensitive accounts. Additionally, websites can help by using secure cookies that are encrypted and marked as HttpOnly, making them inaccessible to client-side scripts and reducing the risk of unauthorized access through sidejacking.

by User Inneb (8.2k points)
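The cookie-flag mitigation mentioned in the answer above can be checked from a site's own responses. The following is an added example, not part of the original answer: a small Python audit of `Set-Cookie` headers for the `Secure` and `HttpOnly` attributes. The URLs, cookie names and values are constructed sample data, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample: (response URL, Set-Cookie header value). Not real traffic.
SAMPLE_RESPONSES = [
    ("http://shop.example/login", "SESSIONID=abc123; Path=/"),
    ("https://shop.example/login", "SESSIONID=def456; Path=/; HttpOnly"),
    ("https://shop.example/login", "sid=ghi789; Path=/; Secure; HttpOnly"),
    ("https://shop.example/", "theme=dark; Path=/; secure"),
]

FINDINGS = {
    "plaintext-response": "set over http://, value already readable by a sniffer",
    "no-secure": "no Secure attribute, browser will also send it over http://",
    "no-httponly": "no HttpOnly attribute, readable by client-side scripts",
}

def parse_set_cookie(header):
    """Return (cookie name, set of lower-cased attribute names)."""
    first, *rest = header.split(";")
    name = first.partition("=")[0].strip()
    # Attribute names are case-insensitive, so "secure" and "Secure" both count.
    attrs = {part.partition("=")[0].strip().lower() for part in rest if part.strip()}
    return name, attrs

def audit_cookie(url, header):
    """Return (cookie name, list of finding codes) for one Set-Cookie header."""
    name, attrs = parse_set_cookie(header)
    codes = []
    if urlsplit(url).scheme.lower() != "https":
        codes.append("plaintext-response")
    if "secure" not in attrs:
        codes.append("no-secure")
    if "httponly" not in attrs:
        codes.append("no-httponly")
    return name, codes

def audit(responses):
    """Return (url, cookie name, codes) for every cookie with at least one finding."""
    report = []
    for url, header in responses:
        name, codes = audit_cookie(url, header)
        if codes:
            report.append((url, name, codes))
    return report

if __name__ == "__main__":
    for url, name, codes in audit(SAMPLE_RESPONSES):
        for code in codes:
            print(f"{url} {name}: {FINDINGS[code]}")
```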