Crimeware

Man-in-the-Middle Attacks

They say that if you wait long enough, old ideas are bound to be repackaged as new ones. Ransomware attacks have been around for more than 30 years, so it is no surprise that we are experiencing a resurgence of an old form of cyberattack: the man-in-the-middle (MITM) attack. Though the name might sound playful, this attack is not something you want to play around with.

Imagine you are attending a conference. You want to do some work before your next session, so you connect your laptop to what appears to be the conference’s trustworthy public internet network. What you do not realize is that you have connected to a sham Wi-Fi network: your network traffic is now at risk and can be rerouted to malicious websites for theft. This is a man-in-the-middle attack. Although there are a variety of ways hackers can deploy MITM attacks, many utilize public Wi-Fi networks or create free unencrypted Wi-Fi connections.

The goal of a man-in-the-middle (MITM) attack is to steal personal information, including login credentials, credit card numbers and account details. Attackers do this by positioning themselves in a conversation between a user and an application. By impersonating one of the parties, they can retain anonymity and disguise the attack as a normal interaction. Warning signs include unexpected or repeated disconnections, strange URLs, and sudden switches from HTTPS to HTTP.
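The last warning sign, a sudden switch from HTTPS to HTTP, can also be checked for in web proxy logs. The following is an added example, not part of the original article; the six-field log format, the addresses and the host names are constructed for illustration, and findings are leads for review rather than proof of an attack.

```python
from urllib.parse import urlsplit

# Constructed sample proxy log (assumed format):
# timestamp client method url status redirect-location
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 192.0.2.10 GET https://portal.example.com/login 200 -
2024-05-01T10:00:09Z 192.0.2.10 GET https://portal.example.com/account 302 http://portal.example.com/account
2024-05-01T10:00:10Z 192.0.2.10 GET http://portal.example.com/account 200 -
2024-05-01T10:01:00Z 192.0.2.11 GET http://news.example.org/ 301 https://news.example.org/
2024-05-01T10:01:01Z 192.0.2.11 GET https://news.example.org/ 200 -
"""

def find_downgrades(log_text):
    """Return (timestamp, client, host, reason) for each HTTPS-to-HTTP switch."""
    seen_https = set()  # (client, host) pairs already served over HTTPS
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed lines
        ts, client, _method, url, status, location = parts
        req = urlsplit(url)
        host = (req.hostname or "").lower()
        if req.scheme == "https":
            seen_https.add((client, host))
            # Case 1: an HTTPS response redirects the browser to plain HTTP.
            if status.startswith("3") and location != "-":
                if urlsplit(location).scheme == "http":
                    findings.append((ts, client, host, "redirect-to-http"))
        elif req.scheme == "http" and (client, host) in seen_https:
            # Case 2: a host this client used over HTTPS is now fetched in cleartext.
            findings.append((ts, client, host, "cleartext-after-https"))
    return findings

if __name__ == "__main__":
    for finding in find_downgrades(SAMPLE_LOG):
        print(*finding)
```

The upgrade from HTTP to HTTPS made by the second client is normal behaviour and is not reported.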

Steps for staying safe from MITM attacks are often common sense. For instance, never disclose credit card information or any sensitive credentials to websites you don’t trust. Other precautions are less intuitive: browse only HTTPS websites, as these sites carry SSL/TLS encryption. You can also install a browser plugin that enforces an HTTPS-only rule so that you stay on HTTPS.