What is a man-in-the-middle attack and how to protect yourself against it?

May 13, 2025

After reading this article, you will be able to better understand:

  • What a Man-in-the-Middle Attack is and How It Works
  • The different types of man-in-the-middle attacks
  • The risk of an unsecured wireless network
  • What are the dangers for SMEs?
  • Methods of protection against man-in-the-middle attacks

Man-in-the-middle attack, a real game of Chinese whispers

Remember the game of Chinese whispers? One person invents a difficult-to-remember phrase and whispers it into the ear of the next person. This process is repeated until the chain has completed one complete loop. The last participant repeats the phrase aloud, which, to everyone's delight, is often completely different from the original.

Think of a man-in-the-middle attack as a three-person game of telephone, with the middle party deliberately manipulating the information they receive. They retain the information they've recorded and use it to harm one or both of the parties involved.

With the growing importance of internet-connected devices, awareness of this type of cyberattack is becoming essential for businesses. This article will therefore raise important points regarding your organization's ability to deal with this type of attack.

What is a man-in-the-middle attack?

A man-in-the-middle attack occurs when a hacker intrudes into an exchange between two parties. In computing, the exchange can occur between two users, or between a user and a server. The criminal who intrudes into the exchange is the "man in the middle".

This form of cyberattack is one of the oldest and most documented. It is more of a method to achieve an end than an end in itself; it can be used to spy on a user or server, steal confidential information, or redirect funds, resources, or a user's attention.

How does a man-in-the-middle attack work?

Cybercriminals can break into a conversation in several ways, but the one we'll be looking at more specifically is through phishing.

In a corporate setting, for example, attackers could send an email containing a fake invoice from a supplier to the finance department. This message, which often looks very similar to the original message, will most likely be intended to create a sense of urgency in the recipient.

The email will also contain a link to the provider's customer platform, where the employee will enter their login information. They will then transfer the funds to the hacker's account, unaware that they have just made a mistake.

The link could also contain malware that could infect all computers on the company's network. This malware could allow the cybercriminal to intercept all communications between the company's employees and external collaborators and carry out multiple, separate attacks.

“[In 2018], 35% of exploitative activities related to online crime involved man-in-the-middle attacks”
– IBM X-Force

Types of Man-in-the-Middle Attacks

There are many types of man-in-the-middle attacks. Here is a non-exhaustive list:

  • IP address spoofing
  • DNS spoofing
  • HTTPS spoofing
  • SSL Hijacking
  • Email hijacking
  • Listening on Wi-Fi
  • Web Cookies Stealing from Your Browser

The Danger of Unsecured Wi-Fi Networks

One of the most common methods used by cyber hackers to conduct a man-in-the-middle attack is to exploit weaknesses in unsecured wireless networks. These networks are often public or may be unprotected corporate networks, although this is rare.

This is why it is extremely important to be careful when using public wireless access points. When working on this type of network, do not perform any actions that require confidential information.

Additionally, make sure your wireless network, both at work and at home, is protected with WPA2 encryption.

The Importance of HTTPS to Counter Man-in-the-Middle Attacks

HyperText Transfer Protocol Secure, or HTTPS, allows users to validate the identity of the websites they visit by means of an authentication certificate. Issued by a third party, this certificate guarantees the confidentiality of data sent by the user and received by the server.

Traditionally used for online financial transactions, HTTPS is now a standard on the web. You can check if your connection is secure by looking at the top left corner of your web browser (Chrome, Firefox, Edge, etc.). You will see a padlock to the left of the URL of the site you are visiting or see https:// at the beginning of the URL. If you only see http://, then the connection is not secure.

Do you know if your business website is secure? Typically, CMS platforms like WordPress or Wix allow you to easily integrate HTTPS into your site.
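
As an added example (not part of the original article), the Python check below goes one step beyond the padlock test: it audits what a site answers when a visitor starts on its plain http:// address, which is the request a man in the middle can still read or rewrite. The hostname and response chains are constructed samples, and the Strict-Transport-Security (HSTS) header it looks for is a standard way for a site to enforce HTTPS that the article itself does not mention.

```python
import re
from urllib.parse import urlsplit

REDIRECTS = {301, 302, 303, 307, 308}

def audit_chain(hops):
    """List HTTPS-enforcement problems in one redirect chain.

    hops: [(url, status, headers), ...] observed when requesting the site's
    plain http:// address and following every redirect.
    """
    findings, seen_https = [], False
    for i, (url, status, headers) in enumerate(hops):
        hdrs = {k.lower(): v for k, v in headers.items()}
        last = i == len(hops) - 1
        if urlsplit(url).scheme == "https":
            seen_https = True
            hsts = re.search(r"max-age=(\d+)",
                             hdrs.get("strict-transport-security", ""), re.I)
            if last and not (hsts and int(hsts.group(1)) > 0):
                findings.append(f"hop {i}: {url} sends no usable HSTS header")
            continue
        # A cleartext hop: an on-path party can read or rewrite it.
        if seen_https:
            findings.append(f"hop {i}: downgrade from https back to {url}")
        if last or status not in REDIRECTS:
            findings.append(f"hop {i}: {url} answers over cleartext http")
        elif urlsplit(hdrs.get("location", "")).scheme != "https":
            findings.append(f"hop {i}: redirect {hdrs.get('location')!r} is not https")
    return findings

# Constructed sample chains (hostname and headers are made up for the example).
H = "shop.example"
GOOD = [(f"http://{H}/", 301, {"Location": f"https://{H}/"}),
        (f"https://{H}/", 200, {"Strict-Transport-Security": "max-age=31536000"})]
NO_HSTS = [GOOD[0], (f"https://{H}/", 200, {})]
HTTP_ONLY = [(f"http://{H}/", 200, {})]
DOWNGRADE = [(f"http://{H}/", 302, {"Location": f"https://{H}/login"}),
             (f"https://{H}/login", 302, {"Location": f"http://{H}/account"}),
             (f"http://{H}/account", 200, {})]

if __name__ == "__main__":
    for name in ("GOOD", "NO_HSTS", "HTTP_ONLY", "DOWNGRADE"):
        print(name, audit_chain(globals()[name]) or "ok")
```

To audit a real site, record the URL, status code and headers of each hop with any HTTP client that does not follow redirects automatically, then pass the list to `audit_chain`.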

How to protect yourself against man-in-the-middle attacks?

Since SMEs are the most targeted by cyberattacks, it is important that they be able to protect themselves against cybercrime. According to CSO magazine, citing the IBM X-Force Intelligence Index 2018, 35% of exploitative activities related to online crime involved man-in-the-middle attacks. The consequences of such an attack include financial losses, customer losses, and even time losses.

Other, more intangible consequences, such as loss of reputation and the risk of external partners, can also come into play and seriously harm affected companies.

What are the challenges related to man-in-the-middle attacks for SMEs?

There are several ways organizations can improve their security posture.

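You can therefore opt for a WEP/WPA encryption mechanism on your access points; of these, use WPA2, as recommended above, because WEP is an older mechanism whose encryption can be broken. With WPA2 in place, even if an attacker intercepts confidential information on the network, they will not be able to decrypt it.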

Virtual private networks (VPNs) should also be used for remote work. They use key encryption to create a subnetwork that secures communication. This method is especially useful when connecting to a private Wi-Fi network.

Additionally, it is possible to enforce the use of HTTPS on unsecured sites. You should always browse sites using HTTPS. If you must visit HTTP sites, there are browser extensions that will enforce the use of HTTPS.

There are also cybersecurity best practices you can spread within your company. By adopting healthy browsing habits, you can limit a large number of attacks against you.

Nexxo can help protect you against man-in-the-middle attacks

Are you a business and has this article raised questions about your IT security? Contact us now. The initial consultation is free, and we'll be happy to assess how we can help you.
