A Man-In-The-Middle (MITM) attack is where an attacker secretly intercepts communications between two parties who believe they are directly communicating with each other. The attacker can view or modify the communications. Examples include the attacker creating a fake Wi-Fi access point to intercept personal information, hijacking email accounts to divert payments, or stealing browser cookies to hijack web sessions. To prevent MITM attacks, people should use encrypted VPNs, sign out of unused accounts, and avoid auto-filling passwords on untrusted sites.
2. What is MITM?
In cryptography and computer security, a
Man-In-The-Middle Attack (MITM), also
known as “Hijacking”, is an attack where the
attacker secretly relays and possibly alters
the communication between two parties
who believe they are directly communicating
with each other.
4. Examples
Wi-Fi Eavesdropping
The hacker can create a fake Wi-Fi node posing as a legitimate Wi-Fi access
point to steal the personal information of everyone who connects.
Email Hijacking
The hacker gains access to important email accounts and monitors
the transactions. For example, they can wait for a scenario where the customer will
be sending money and respond, spoofing the company’s email address, with their
own bank details instead of the company’s. This way, the customer thinks they’re
sending their payment to the company, but they’re really sending it right to the
hacker.
Session Hijacking
Once you log into a website, a connection between your computer and the
website is established. Hackers can hijack your session with the website through
numerous means. One popular option they use is stealing your browser cookies. In
case you don’t know, cookies store small pieces of information that make web
browsing convenient for you. These can include your online activity, login credentials, pre-filled
form data, and in some cases, your location. If they get hold of your login cookies, they
can easily log into your accounts and assume your identity.
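The session-hijacking risk above depends on how the site issues its session cookie. As an added example (not part of the original slides), this Python check audits a `Set-Cookie` header for the attributes that keep a session cookie off unencrypted connections and limit how long a stolen one stays valid. The 8-hour lifetime limit and the sample headers are constructed assumptions.

```python
from http.cookies import SimpleCookie

# Assumed policy for this example: a session cookie should live at most 8 hours.
MAX_SESSION_AGE = 8 * 3600

# Constructed sample headers (not taken from any real site).
WEAK = "sessionid=abc123; Path=/; Max-Age=2592000"
HARDENED = "__Host-sessionid=abc123; Path=/; Secure; HttpOnly; Max-Age=3600"


def audit_set_cookie(header_value):
    """Return a list of findings for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings = []
    for name, morsel in jar.items():
        # Without Secure the browser also sends the cookie over plain HTTP,
        # where anyone on the network path can read it.
        if not morsel["secure"]:
            findings.append(f"{name}: missing Secure attribute")
        # Without HttpOnly the cookie is readable by scripts running in the page.
        if not morsel["httponly"]:
            findings.append(f"{name}: missing HttpOnly attribute")
        # A long lifetime means a stolen cookie stays usable for longer.
        max_age = morsel["max-age"]
        if max_age and int(max_age) > MAX_SESSION_AGE:
            findings.append(f"{name}: Max-Age {max_age}s exceeds {MAX_SESSION_AGE}s")
    return findings


if __name__ == "__main__":
    for label, header in (("weak", WEAK), ("hardened", HARDENED)):
        issues = audit_set_cookie(header)
        print(label, "->", issues if issues else "no findings")
```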
5. Bob Alice
• In the graphic below, an attacker (MITM) has inserted themselves between the
client (Alice) and a server (Bob).
• As the hacker now controls communication, they can intercept data that is transferred,
or inject other data, files, or information.
6. Real-Life Examples of MITM Attacks
• During World War II, British intelligence conducted MITM attacks against Nazi forces
using Aspidistra devices. Cracking of the Enigma code could also be considered a MITM
attack.
• In 2014, Lenovo installed MITM (SSL Hijacking) adware called Superfish on their Windows
PCs.
7. Man in the Middle Attack Prevention
• Use a Virtual Private Network (VPN) to encrypt your web traffic. An encrypted VPN
severely limits a hacker’s ability to read or modify web traffic.
• Minimize the potential for attacks by signing out of unused accounts to invalidate session
cookies.
• Add an enterprise password management solution; this will avoid auto-filling passwords
on a nefarious site.
• If you use Google Chrome, install a Chrome security extension, like HTTPS Everywhere,
which forces an SSL connection whenever possible.
• Force encryption by typing https at the beginning of the address: https://www.website.com
• Avoid using public Wi-Fi networks. If you must use public Wi-Fi, configure your device to
require a manual connection.