What is Man In The Middle (MITM) attack?

Introduction

“Man-in-the-middle” is often used to refer to an attack, but it does not have to be — it is a broad term for any device that sits between your computer and its destination.

With that said, when an attacker can position him/herself between your computer and its destination, you can imagine what becomes possible: stolen personal information, passwords/credentials, financial information, general browsing history, and more — all of which fall under a category of information that most would refer to as “sensitive.”

How a MITM attack takes place

MITM attacks tend to occur when you are on an unsecured network, or run really outdated software. Before we dive deeper into how a MITM attack plays out, an analogy might help. Imagine if you (John) were calling Jane. Here, you begin your call by telling Jane about your day — nothing seems amiss. Unfortunately, your seemingly “secure” call has been monitored this entire time; everything about “your day” is now known by the attacker that has placed him/herself between your telephone and Jane’s telephone. This is the very definition of a “man-in-the-middle” attack — literally.

In more technical terms, a MITM begins with “inspection.” That is, an attacker will monitor outgoing traffic first to determine their next course of action (checking for insecure traffic, etc.). Other vectors include session hijacking (where cookies are stolen) and packet injection.

Their next step is to find a way to “slot” themselves in between. Whether they use a stolen SSL certificate (to MITM secure connections) or exploit vulnerabilities in older SSL versions, as long as they can present themselves as an “invisible” entity between you and the destination server, the interception will succeed:

[Figure: What Are Man In The Middle (MITM) Attacks]

Once this occurs, an attacker has (essentially) full control over the intercepted data. They can modify data on the fly to fool a destination server into transferring sums of money to the attacker, or steal other personal information (SIN/SSN numbers, your date of birth, and more).

Conclusion

MITM attacks, when executed well, can cause financial loss and damage to a victim’s identity. Whether the MITM attack is targeted or not, such attacks often require the exploitation of a vulnerability in old software, or physical presence on the network, to intercept traffic. MITM attacks can be mitigated by using a secure tunnel* and up-to-date software, but no solution is totally foolproof. Here are some practices that can reduce your chances of being caught by an attacker:

  • Refraining from using public networks
  • Keeping your OS up-to-date (this also keeps your “certificate store” up-to-date)
  • Source verification and strong encryption
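The two technical footholds described above (a certificate the client never checks, and an outdated SSL/TLS version) and the mitigations listed here (an up-to-date certificate store, source verification, strong encryption) all come down to how a TLS client is configured. The following is an added example, not code from the original article: it builds a hardened client context beside a deliberately weak one using only Python's standard `ssl` module, and an audit function that flags the settings an interposed host would need to succeed. The function names are assumptions made for this example.

```python
"""Audit a TLS client context for settings that make a MITM easy.

Added example (not from the original article). It uses only Python's
standard library and runs offline: no connection is made, the contexts
are only inspected.
"""
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client context that verifies the server chain against the OS trust
    store, checks the hostname, and refuses protocols older than TLS 1.2."""
    # create_default_context() sets verify_mode=CERT_REQUIRED and
    # check_hostname=True and loads the system certificate store.
    ctx = ssl.create_default_context()
    # Refuse SSLv3 / TLS 1.0 / TLS 1.1, the versions with known weaknesses.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The kind of context that lets an interposed host present any
    certificate it likes. Built only so the audit has something to flag."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # check_hostname must be cleared before verify_mode can be lowered.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE            # accept any certificate from anyone
    # Allow whatever the linked OpenSSL still supports, including old versions.
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list[str]:
    """Return a list of findings; an empty list means the context holds up."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append(
            "verify_mode is not CERT_REQUIRED: the server certificate is not validated")
    if not ctx.check_hostname:
        findings.append(
            "check_hostname is False: a valid certificate for another name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(
            f"minimum_version {ctx.minimum_version.name} permits outdated protocol versions")
    return findings


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()),
                       ("weak", weak_client_context())):
        problems = audit_context(ctx)
        print(f"{label}: {'OK' if not problems else ''}")
        for p in problems:
            print(f"  - {p}")
```

The audit deliberately checks only what the client controls: with `CERT_REQUIRED`, `check_hostname=True` and a TLS 1.2 floor, a host sitting in the path cannot present a stolen or mis-issued certificate for a different name, nor negotiate a version whose weaknesses are already known, without the handshake failing. Keeping the OS (and therefore the trust store) current is what makes the `CERT_REQUIRED` check meaningful.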

Glossary

MITM Attacks

MITM Attacks refer to "man-in-the-middle" attacks.