MITM (Man-In-The-Middle) Attack

Written by: Saurav Phuyal - 24035, Grade XI

Posted on: 07 February, 2023


A MITM (Man-in-the-Middle) attack is a cyber attack carried out by intercepting the connection between a router or internet source and its client device. In this attack, the attacker intercepts the connection between an internet source and the victim, which allows the attacker to read the packets sent from the client device to the router or gateway. If the packets sent from a victim's device are not encrypted, it is very easy for the attacker to read them.

Example: Suppose you are the victim and I am the attacker. You are connected to the same WiFi network as I am. Before I start attacking, your device sends and receives internet packets (data) directly to and from the gateway or router, so there is no one between the router and your device. As soon as I start the attack, everything changes. The packets you send from your device are first received by me, on the attacking device. I can then read and modify the data sent from your device before passing it on to the router or gateway, and the same applies to packets travelling from the gateway to your device. In this process, if your device sends unencrypted packets, I am able to read them easily.

How to prevent it: First of all, these days, many routers don't support or allow this attack, but places like schools, hospitals, etc. seem to have less secure connections. In such places, if you log in to sites that don't use the HTTPS protocol while someone is running an MITM attack, the attacker can easily read and make use of your credentials. A very good example of an unsecured site that doesn't use a secure protocol is http://system.deerwalkfoods.com, which is often used by students, teachers, and other staff at Deerwalk. This site only supports HTTP (Hypertext Transfer Protocol), where it should be using HTTPS (Hypertext Transfer Protocol Secure) to prevent such attacks. Installing an SSL certificate and enabling the SSL port on the site's web host would secure the site.
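A site owner can check for the problem described above by scanning their own pages for login forms that would send a password without HTTPS. The following is an added example, not part of the original article; the hosts and HTML in SAMPLES are constructed placeholders, and the rating names are chosen here for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

def classify(page_url, action_url):
    # Rate one login form by where it is served and where it submits.
    if urlsplit(action_url).scheme.lower() != "https":
        return "cleartext-submit"   # password is readable on the wire
    if urlsplit(page_url).scheme.lower() != "https":
        return "tamperable-page"    # form can be rewritten before the user sees it
    return "ok"

class LoginFormAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.form = None      # [action URL, has password field] while inside a <form>
        self.findings = []    # (resolved action URL, rating) per login form

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            # A missing or empty action submits to the page's own URL.
            self.form = [urljoin(self.page_url, attrs.get("action") or ""), False]
        elif tag == "input" and self.form is not None:
            if (attrs.get("type") or "").lower() == "password":
                self.form[1] = True

    def handle_endtag(self, tag):
        if tag == "form" and self.form is not None:
            action, has_password = self.form
            if has_password:   # forms without a password field are ignored
                self.findings.append((action, classify(self.page_url, action)))
            self.form = None

def audit_login_forms(page_url, html):
    parser = LoginFormAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample pages (placeholder hosts, not real sites).
SAMPLES = {
    "http://intranet.example.test/login": '<form action="/auth" method="post"><input name="u"><input type="password" name="p"></form>',
    "http://shop.example.test/": '<form action="https://shop.example.test/session"><input type=password name=p></form>',
    "https://portal.example.test/signin": '<form method="post"><input type="PASSWORD" name="p"></form><form action="/search"><input name="q"></form>',
}

if __name__ == "__main__":
    for url, html in SAMPLES.items():
        print(url, audit_login_forms(url, html))
```

The second sample shows that an HTTPS form target is not enough on its own: when the page carrying the form is served over HTTP, the form can be modified in transit before the user ever types a password.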

People are most vulnerable to such attacks on public WiFi and other free WiFi networks. This doesn't mean the attack is impossible on a home network, but the likelihood of becoming a victim is higher in such places. From your side, you can prevent MITM attacks by using a VPN, which secures the connections and data sent from your device. It is the easiest way to prevent an MITM attack.

Some of the most common MITM attacks are:

HTTP Spoofing
ARP Poisoning
Email hijacking
Session hijacking
Cache Poisoning, etc.

You might have been a victim of this attack already, maybe in school or other places. So make sure you use secured connections, secured sites and most importantly, secured VPNs from now onwards.