If you are wondering what’s a man-in-the-middle attack, well, read the name out loud twice. A Man-in-the-Middle (MitM) is when a hacker tries to inject or gain information by showing their presence between the communication of two systems. He does that to gain access to all the sensitive information that a sender tries to communicate to the receiving party. His intention might be to redirect the messages to another user or even to stop the intended users from sending and receiving information.
The main motto behind the MitM attack is to take a peep at the users’ private information without his permission. The hacker either gives an impression of being a legitimate user or makes it appear so normal as if no third person involved in the communication. Another outcome of this attack is to have false information injected into the user’s system. This attack can take place between any form of online communication medium such as social media chatting, email, web surfing, etc.
How Does MitM Attack Work?
MitM attack entails two phases: interception and decryption. The first step, Interception involves obtaining access to the attacker’s network to reach out to the user’s traffic. A passive attack is the most common way used to attack the user’s system. A passive attack is performed by collecting the victim’s information without getting any physical access to his system. After interception, any two-way SSL traffic needs to be decrypted without alerting the user or application.
One of the commonly used approaches is Wi-Fi Eavesdropping. Let’s assume the victim uses free public WiFi with a legitimate-sounding name. Who wouldn’t want free WiFi? The victim falls for free WiFi and connects himself to this network through which he shares his sensitive information. Once a victim connects to such a hotspot, the attacker gains full accessibility.
How to Prevent MitM Attack?
Virtual Private Network: VPNs are another way to achieve secure communication. VPNs use a key-based encryption mechanism to create a subnet. Here, transmission of sensitive information takes place through a secret tunnel. This tunnel keeps the hacker from stealing the information even if he enters the network.
HTTPS: Websites are now using HTTPS to protect their data. HTTPS communicates securely by exchanging public-private key. The hacker will be unaware of these keys which prevent the data sniff. HTTP Strict Transport Security or HSTS can help in connect to HTTPS and block any content that uses HTTP as its protocol.
Encryption method: No matter how traditional encryption mechanisms are, it still works. Strong encryption on wireless access points prevents undesired users from entering the network. A hacker can perform a brute-force attack to enter the system. Hence, it’s safe to choose an encryption implementation that’s stronger.
We’ve just covered the basics of Man-in-the-Middle attack. There is always more to learn. But, this is from where you begin. Here I present another interesting attack in the cyber set. Stay tuned for more.