Once the intruder's device is receiving traffic, the attacker can route all traffic onto the appropriate gateway, but they will be able to read any unencrypted traffic that passes their way.
