The term man-in-the-middle (MITM) attack, in cryptography and computer security, refers to an attack in which the attacker sits between two communicating parties. The two parties are unaware of the middleman's presence. The middleman relays and alters the communication between the two parties without their knowledge or consent.
Eavesdropping is a common example of a MITM attack. The attacker intercepts and relays the communication between two people who are using a private connection to interact.
The attacker not only intercepts and transmits the verbal or non-verbal messages but can also tamper with them by injecting new, fake messages into the original communication.
Several cryptographic protocols include some form of endpoint authentication, such as TLS authentication in web browsers. To successfully intercept the messages travelling back and forth over a network or communication line between two or more people, the man-in-the-middle attacker has to impersonate both sides of the endpoint authentication protocol.
One prominent example of a MITM attack is the 2017 Equifax incident, in which Equifax had to withdraw its mobile phone apps after concerns were raised over MITM vulnerabilities.
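The two client-side checks that make up TLS endpoint authentication, shown as an added example that is not part of the original article: a Python `ssl` audit that flags a client context which would accept an impersonated server. The function names and finding labels are assumptions chosen for illustration.

```python
import ssl

def audit_client_context(ctx):
    """Return the ways this TLS client context fails to authenticate the server."""
    findings = []
    # Without chain verification, any certificate (even self-signed) is accepted.
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("chain-not-verified")
    # Without hostname matching, a valid certificate issued for a different
    # site is accepted, so the peer's identity is still unproven.
    if not ctx.check_hostname:
        findings.append("hostname-not-checked")
    return findings

def no_auth_context():
    """Weak setting: encryption only, the server is never authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be disabled before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def chain_only_context():
    """Partial setting: chain is verified, but not for which host."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    return ctx

def hardened_context():
    """Corrected setting: library defaults verify both chain and hostname."""
    return ssl.create_default_context()

def report():
    """Audit all three configurations and return the findings for each."""
    contexts = {
        "no-auth": no_auth_context(),
        "chain-only": chain_only_context(),
        "hardened": hardened_context(),
    }
    return {name: audit_client_context(ctx) for name, ctx in contexts.items()}

if __name__ == "__main__":
    for name, findings in report().items():
        print(f"{name:10s} {findings or 'server is authenticated'}")
```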
Seven types of MITM attacks are:
- IP Spoofing
- DNS Spoofing
- HTTPS spoofing
- SSL hijacking
- Email hijacking
- Stealing browser cookies
How is a man-in-the-middle attack executed?
Man-in-the-middle attacks are predominantly carried out via phishing attacks. Phishing involves sending fraudulent messages or emails to targeted users. These phishing messages and emails appear to come from trustworthy sources.
Usually, such emails and messages contain a malicious attachment or web link which, when clicked, automatically downloads malware onto the targeted device.
Once the malware is installed on the browser, it begins transmitting the data exchanged between the victim’s device and specific websites, such as banks, to the attacker.
Protection against man-in-the-middle attacks.
Here are a few ways to safeguard your device, data, and connections against MITM attacks.
- Ensure that the HTTPS protocol is present in the URL of any website you are visiting, indicating a safe and secure site.
- Beware of phishing emails and their attachments or links.
- Avoid clicking on links that arrive in emails from unknown senders. Even if you do need to open a link, type out the URL in the browser rather than clicking or copy-pasting the link directly.
- Avoid connecting to public Wi-Fi routers directly.
- Use a VPN service to encrypt your data and mask your identity.
- Install an advanced internet security solution along with an effective firewall.
- Keep your antivirus, OS, and other applications up to date at all times.
- Protect your home Wi-Fi with unique passwords.