Man-in-the-middle (MITM) attacks happen when a bad actor intercepts traffic between two computers, like a laptop and a remote server. The attacker can then listen in on any communication between the two machines or steal information. MITM attacks are a serious concern for businesses, especially as more people work from home.

Access Without Direct Access

The attacker does not need direct access to your device to execute a MITM attack. They just need to be on the same network as you. Crafty attackers will sometimes create their own dummy networks that look like the real thing to trick you into connecting to them.

Common targets are locations with an unencrypted public network, like an airport. The attacker connects to the network, then downloads a tool that captures everything going back and forth over it. Once the information is collected, the attacker can analyze it to find useful information.

This approach has become less effective since the rise of HTTPS, which provides encrypted connections to websites. Even if the traffic is captured, the attacker cannot decrypt it. However, an HTTPS connection does not guarantee that you’re safe. Attackers have developed ways to sometimes trick a computer into downgrading the connection, making it unencrypted.

Rogue Routers & Network Based Attacks

Another form of this attack is called ARP cache poisoning. This is where the attacker attempts to associate their MAC address with someone else’s IP address. A MAC address is like a serial number for the device, and MAC addresses are how networks differentiate between devices. If successful, the data intended for the victim goes to the attacker.
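
A defensive check for the symptom described above, as an added example that is not part of the original article: it reads a neighbor (ARP) table in the format printed by Linux `ip neigh show` and flags an IP whose MAC differs from a trusted baseline, or one MAC answering for several IPs. The sample table, the baseline and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output (not captured from a real network).
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr 3c:52:82:aa:10:01 REACHABLE
192.168.1.23 dev wlan0 lladdr 3c:52:82:aa:10:01 STALE
192.168.1.40 dev wlan0 lladdr 9c:b6:d0:11:22:33 REACHABLE
192.168.1.77 dev wlan0  FAILED
"""

# Known-good IP -> MAC pairs recorded earlier on a trusted network (assumed).
BASELINE = {"192.168.1.1": "d8:47:32:00:be:ef"}

LINE_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+(?P<mac>[0-9a-fA-F:]{17})\s+(?P<state>\S+)"
)

def parse_neigh(text):
    """Return {ip: mac} for entries that have a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            table[m.group("ip")] = m.group("mac").lower()
    return table

def find_arp_anomalies(table, baseline):
    """Flag the two symptoms of ARP cache poisoning visible in a neighbor table."""
    findings = []
    # 1. An IP now resolves to a different MAC than the trusted baseline.
    for ip, good_mac in baseline.items():
        seen = table.get(ip)
        if seen and seen != good_mac.lower():
            findings.append(("mac_changed", ip, seen))
    # 2. One MAC answers for several IPs. This can be legitimate (a router
    #    with several addresses), so treat it as a lead, not proof.
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("shared_mac", mac, sorted(ips)))
    return findings

if __name__ == "__main__":
    for finding in find_arp_anomalies(parse_neigh(SAMPLE_NEIGH), BASELINE):
        print(finding)
```

On the constructed sample, the gateway address 192.168.1.1 resolves to the same MAC as 192.168.1.23 and no longer matches the baseline, which is the pattern a poisoned cache shows.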

DNS spoofing is another form of this attack. DNS is similar to a phonebook for the Internet: it associates the name of a website (thecomputerwarriors.com) with a numeric IP address. When successful, an attacker forwards real requests to a fake site, then captures the data.

Protect Yourself

Thankfully, there are a number of ways to prevent this type of attack from happening to you. The biggest component is staying vigilant. Avoid public Wi-Fi hotspots; most phones can become a hotspot instead. This will use your cellular data but allows you to keep control of the network.

In addition, using a VPN on your computer will encrypt all the traffic from your computer before it leaves. There are multiple VPN providers, offering different features and pricing models. Do your research before purchasing a service so that you will feel comfortable using it.
