Man in the Middle Attacks

Written by:

Joel Caskey
Senior Technology Business Engineer
NET Xperts LLC


When you were younger, did you ever play the game “Monkey in the Middle”?  That infamous game where 2 people throw a ball back and forth and try to keep the “man in the middle” from getting the ball has been around for a very long time.  I’m sure that everyone has played this either as a child or even now with a pet, and eventually, the “Man in the Middle” generally gets the ball when either the thrower or receiver is careless.  Did you know that it’s possible for the same thing to happen with your data on the internet?

“Man in the Middle” attacks are more common than the average user would think.  There are many ways that a “Man in the Middle” attack can happen – through a phishing attempt where credentials are stolen, through using public Wi-Fi, or even just by a bad Google search.  But the most dangerous part of these types of attacks – they’re virtually undetectable when they happen.

Let me give you a couple of examples of “Man in the Middle” attacks:

Example #1: You are having a conversation with your boss via E-mail or Microsoft Teams.  Unbeknownst to you, your boss logged into Microsoft 365 using a malicious link from a Google search.  The bad actor now has your boss’s credentials and an open session to your chat, since your boss was not utilizing Multi-Factor Authentication.  The attacker sits and eavesdrops as you talk about a company initiative that is coming up; and you transmit sensitive data in the conversation, because you’re just talking to your boss, right?  The attacker now has that sensitive data, and it was completely undetectable.

Example #2: You are online banking to reconcile your checking account.  Because it’s an extra step to go to your bank’s home page and click through another page to get to Online Banking, you decide to just google “MyBank Online Banking.”  You click on the first link that comes up, and proceed to log in with your Online Banking Credentials.  Your account information displays as normal, and you go about your business.  What you don’t know, however, is that you clicked on a malicious link to log into your Online Banking, and an attacker now has the same open session on their computer that you do. They immediately drain your account, leaving you with a whopping 28 cents to your name – not even enough to make a phone call!  Did you see that coming?

Example #3: You’re sitting in a coffee shop drinking your favorite latte (something overly sweet and full of cinnamon, in my case), and you decide that since you have an hour to kill before you must be anywhere else, you’re going to catch up on E-mails.  You reach for your iPad, and you connect to the public Wi-Fi so that you’re not using data on your data plan – a quick and easy task since there’s no password on the Wi-Fi!  You proceed to review and answer some E-mails from your coworkers asking for various pieces of information, some of which may be sensitive.  There are many other people using their various tablets or laptops in the area – it’s a coffee shop so this is normal behavior, right?  What you don’t know, however, is that at one of the tables in the coffee shop, someone is using a device that is intercepting all this Wi-Fi traffic before it goes to its intended destination.  They can see every bit of data that is going through the connection from everyone in the coffee shop – prime information for the taking in a prime place.

These are some very real and very scary scenarios – and they’re very dangerous since they’re virtually undetectable.  There are, however, a few things that you can do to help protect yourself, both personally and in the business world.

 

Here are some tips for thwarting these types of attacks:

  • Utilize Multi-Factor Authentication – I recommend this for a lot of reasons, but in this case, it will help protect you if your credentials are stolen from a “Man in the Middle” attack. Adding that extra layer of protection by utilizing something that you HAVE, not just something that you KNOW, will make it very difficult for someone to impersonate you in the virtual world.
  • Avoid Public Wi-Fi – Especially when you’re dealing with sensitive information or signing into an account that contains sensitive information, public Wi-Fi is a no-no. Typically, Public Wi-Fi is unencrypted, which means that anything you send or receive is just flying through the airspace around you, just ready for anyone to pull “out of the air”.
  • Be Aware – Look for signs of abnormalities that may indicate an attack. Frequently being asked to sign in again, web addresses being displayed in the address bar that you don’t recognize or are misspelled, or even unusual language in an E-mail that looks like it’s coming from someone that you know are all signs of a potential threat.
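
The "Be Aware" tip about misspelled web addresses, and the search-result sign-in link from Example #2, can be turned into a check that runs before you type a password. This is an added example, not part of the original article; the trusted site names and the sample links are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: the sites you really sign in to. Both names are constructed placeholders.
TRUSTED = ("mybank.example", "office.example")

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_link(url, trusted=TRUSTED):
    """Classify a sign-in link: trusted, no-https, lookalike, decoy or unknown."""
    parts = urlsplit(url)
    labels = (parts.hostname or "").rstrip(".").split(".")
    if parts.scheme != "https":
        return "no-https"  # unencrypted: readable by anyone on the same open Wi-Fi

    def tail(name):
        # The right-hand end of the host is the part that says who owns it.
        return ".".join(labels[-len(name.split(".")):])

    # Pass 1: an exact match (or a subdomain of one) wins over everything else.
    if any(tail(name) == name for name in trusted):
        return "trusted"
    # Pass 2: look for the two common tricks used by fake sign-in pages.
    for name in trusted:
        n = len(name.split("."))
        if edit_distance(tail(name), name) <= 2:
            return "lookalike"  # misspelled by a character or two
        if len(labels) > n and ".".join(labels[:n]) == name:
            return "decoy"      # real name pasted in front of someone else's domain
    return "unknown"

if __name__ == "__main__":
    for link in ("https://mybank.example/login",
                 "https://mybanck.example/login",
                 "https://mybank.example.secure-login.test/",
                 "http://mybank.example/login"):
        print(f"{check_link(link):10} {link}")
```

Anything other than "trusted" is a reason to close the tab and go to the site through a bookmark or by typing the address yourself.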

 

Remember, the internet makes things a lot more convenient for access and transmission of data, but it’s NOT a safe place on its own.  Security and Convenience are mutually exclusive: the more secure something is, the less convenient it becomes to access it.  A minor inconvenience for you will likely end up being a major showstopper for a bad actor.  Taking these few extra steps will be a little less convenient for you, but in the long run it will make utilizing this powerful resource of the Internet a lot safer.

Oh, and do me a favor – stop answering those “fun games” on social media that ask you about your first car or your favorite teacher.  You’re putting your answers to common security questions right out there on the internet for everyone to see.  Protect yourself and stay safe out there!

 

NET Xperts can help protect your business against these attacks by helping to block malicious links, monitor devices for suspicious activity, and more! Call us today for more information about protecting your network against the unexpected at 412-244-NETX (6389) or request more information here.
