By Tyler Moffitt

By Tyler Moffitt

The question in this edition’s “ask a security expert” comes to us from Steve Boulton, a technical account manager at Business Computer Solutions, who asks, “What is a man-in-the-middle attack?”

At the most basic level, man-in-the-middle (MITM) attacks are just a more advanced form of eavesdropping. But, despite their often-simplistic nature, they can pose a serious threat to you, your personal data and your business. Here’s some helpful information on what you should be on the lookout for when it comes to MITM attacks.

A MITM attack is when an outside individual, most often a hacker, intercepts and/or alters communications between two systems. These types of attacks can take shape online in any number of ways. From email to social media to just simply browsing the internet, hackers can get between you and whatever system or person you’re interacting with to capture your data and information.

How MITM Attacks Work

Despite the relative simplicity behind the concept of MITM attacks, they’ve evolved throughout the years, with hackers developing a variety of ways to execute these spy-like attacks. Three of the most common types of MITM attacks include Wi-Fi interference, email hijacking and session hijacking.

Once attackers have access to their desired email account, they quietly monitor the correspondence and wait for an opportune moment to make their move. Jumping into a conversation around money transfers is common. Hackers will insert themselves into the email conversation at the precise moment, faking a company email and providing their own bank details so victims believe they are sending money to the legitimate company but are actually sending it straight into the hacker’s account.

Protecting Yourself and Your Business from MITM Attacks

MITM attacks are sneaky; it’s in their nature. However, there are a number of ways that you can protect yourself, and your business, from falling prey to their stealth.

Individual users can take simple steps, such as paying close attention to whether a website is properly secured, logging out of applications when not in use and refraining from connecting to public Wi-Fi hotspots. By implementing cyberhygiene best practices you can dramatically decrease your chances of falling victim to a MITM attack. And if you must connect to an unsecured Wi-Fi network, make sure you …

… encrypt your data using a virtual private network (VPN).

Business can help prevent MITM attacks by implementing other strong encryption mechanisms. Two communications protocols — Transport Layer Security (TLS), which provides end-to-end security between two communicating computer applications, and Hypertext Transfer Protocol Secure (HTTPS) — provide encryption and authentication so the data being transmitted when an individual gains access to a website is protected. It’s also vital that effective encryption on wireless access points is in place to prevent unwanted users from joining, or forcing themselves into, the network.

Evolving MITM Attacks

As more devices become internet enabled, the MITM attack landscape will continue to evolve dramatically. With internet-enabled cars, fridges and even hair straighteners, hackers have never had more opportunity to insert themselves between you and the wireless systems you connect to.

Just as we experiment with these new technological advances, so, too, are hackers. MITM attacks are a real threat, and as we continue to embed internet-enabled technology into almost every facet of our lives, MITM attacks will remain a threat to watch.

Tyler Moffitt is a senior threat research analyst at Webroot who is immersed in the world of malware and antimalware. He focuses on improving the customer experience through his work directly with malware samples, creating antimalware intelligence, writing blogs and testing in-house tools. Follow Tyler on Twitter @Webroot or on LinkedIn.