Man-in-the-middle (MITM) attacks happen when a bad actor intercepts traffic between two computers, like a laptop and a remote server. The attacker can then listen in on any communication between the two machines or steal information. MITM attacks are a serious concern for businesses, particularly as more people work from home.
Access Without Direct Access
The attacker does not need direct access to your device to execute a MITM attack. They only need to be on the same network as you. Crafty attackers will sometimes create their own dummy networks, similar to the real thing, to trick you into connecting to them.
Common targets are locations with an unencrypted public network, like an airport. The attacker connects to the network and then downloads a tool that captures everything going back and forth. Once the information is collected, the attacker can analyze it to find useful information.
This approach has become less effective since the rise of HTTPS, which provides encrypted connections to websites. Even if it’s captured, the information cannot be decrypted. However, an HTTPS connection does not guarantee that you’re safe. Attackers have developed ways to sometimes trick a computer into downgrading the connection, making it unencrypted.
Rogue Routers & Network Based Attacks
Another form of this attack is called ARP Cache Poisoning. This is where the attacker attempts to associate their MAC address with someone else’s IP address. A MAC address is like a serial number for the device, and MAC addresses are how networks distinguish between different devices. If successful, the data intended for the victim goes to the attacker.
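One way a defender can spot the MAC-to-IP remapping described above is to compare snapshots of a machine's ARP (neighbor) table over time. The following is an added example, not part of the original article; it assumes the output format of the Linux `ip neigh show` command, and the addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample snapshots in the format printed by `ip neigh show` on Linux.
# In AFTER, the gateway 192.168.1.1 suddenly maps to the MAC of host 192.168.1.57.
BEFORE = """\
192.168.1.1 dev wlan0 lladdr 3c:84:6a:11:22:33 REACHABLE
192.168.1.23 dev wlan0 lladdr a4:5e:60:aa:bb:cc STALE
192.168.1.57 dev wlan0 lladdr 08:00:27:de:ad:01 REACHABLE
"""
AFTER = """\
192.168.1.1 dev wlan0 lladdr 08:00:27:de:ad:01 REACHABLE
192.168.1.23 dev wlan0 lladdr a4:5e:60:aa:bb:cc STALE
192.168.1.57 dev wlan0 lladdr 08:00:27:de:ad:01 REACHABLE
192.168.1.80 dev wlan0 FAILED
"""

ENTRY = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} for entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m.group(1)] = m.group(3).lower()
    return table

def find_arp_anomalies(before, after):
    """Compare two {ip: mac} snapshots and return (changed, shared)."""
    # IPs whose MAC differs from the earlier snapshot.
    changed = {ip: (before[ip], mac) for ip, mac in after.items()
               if ip in before and before[ip] != mac}
    # MACs that currently answer for more than one IP.
    by_mac = defaultdict(list)
    for ip, mac in after.items():
        by_mac[mac].append(ip)
    shared = {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}
    return changed, shared

def report(before_text, after_text):
    changed, shared = find_arp_anomalies(parse_neigh(before_text), parse_neigh(after_text))
    lines = [f"{ip}: MAC changed {old} -> {new}" for ip, (old, new) in sorted(changed.items())]
    lines += [f"{mac} answers for {', '.join(ips)}" for mac, ips in sorted(shared.items())]
    return lines

if __name__ == "__main__":
    print("\n".join(report(BEFORE, AFTER)))
```

Both signals are heuristics: a replaced router or a device with several addresses can trigger them legitimately, so a hit, especially on the gateway's IP, is a reason to investigate rather than proof of poisoning.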
DNS spoofing is an alternative form of this attack. DNS is similar to a phonebook, just for the Internet. It associates the name of a website (thecomputerwarriors.com) with a numeric IP address. When successful, an attacker forwards real requests to a fake site and then captures the data.
Thankfully, there are a number of ways to prevent this type of attack from happening to you. The biggest component is staying vigilant. Avoid public Wi-Fi hotspots, and use your phone’s hotspot feature instead. This will use your cellular data but will allow you to keep control of the network.
In addition, using a VPN on your computer will encrypt all the traffic from your computer before it leaves. Many VPN providers offer different features and pricing models. Do your research before purchasing a service; that way, you will feel comfortable using it.