Man In the Middle attack is a very popular method to hack into a network. Man In The Middle attack is a type of cyber attack where a hacker inserts him into a conversation between two computer systems and gains access to the information that the two systems were trying to send each other. Man In The Middle Attack allows a hacker to intercept, send and receive data that going to transfer between two parties/computers. A MITM attack exploits the real-time processing of transactions, conversations or transfer of other data.
Example of MITM attack
Modifying sent InformationFor example, consider two-person Jack and Jill. Jack typed a mail " Hi Jill, how are you? I`ve heard that you broke up your relation with Tom. I was waiting for the right time to tell you something and I think today is the right day. I love you. please meet me at CN cafe."
But when Jacks sent the mail, it will pass through the attacker and the attacker can change the mail like "Hi Jill, jack is such a stupid boy. Don`t make a relationship with him. I am Jerry and I am a good boyfriend for you."
Jill will get the modified e-mail and she will meet Jerry. This way an attacker can inject false information.
Redirecting to another websiteIf a person is connected to the same network where the attacker inserted himself and browsing facebook.com website. Now the attacker can get information of which website the person is browsing now and he can redirect the person from facebook.com to a malicious website and can remotely install malicious applications on the device.
Capturing browser CookiesThe attacker can capture browser cookies sent over an unencrypted network. He can also capture data packets if the person browsing an unencrypted website. If the attacker can capture cookies, he can log into the person`s online accounts or he can collect passwords, credit card details etc.
How to get rid of MITM attack?
- Don`t browse HTTP websites if you are connected to a public network.
- If you see that someone attacking you then quickly clear your browser cookies and history, log out of your online accounts and change their passwords.
- Don`t use personal information while you are connected to a public network.
- Use WPA2 security in your personal router that no one can hack into your network.
- Always use HTTPS websites for your important works.
- Don`t connect to any free, suspicious public network.
Interactions susceptible to MITM attack.
- Financial sites- between login and authentication.
- Connections meant to be secured by public or private keys.
- Other sites that require logins- where there is something to be gained by having access.