What are Man-In-The-Middle Attacks

We’ve all heard computer security experts advise us against using wireless devices at public places like airports, hotels and coffee shops. But have you ever wondered what the big deal was all about?

One of the most common and obvious reasons that come to mind is the threat of “packet sniffing”.

Whenever you transmit unsecured information over a network connection, this information is also transmitted to every computer on your local network. Although computers are designed to ignore these useless packets, they could potentially be captured by a dishonest or untrustworthy person within your network.

Programs that collect these packets are called “packet sniffers”. In the past, only brilliant hackers with a high degree of network security expertise were able to sniff out packets. But today, there are a number of easy-to-use programs that make it easy enough for the average teenager.

One way to avoid this kind of digital eavesdropping would be to only submit passwords and other sensitive data through “secure” web sites that rely on HTTPS connections. These sites use a technology called SSL to strongly encrypt online interactions using special certificates, ensuring that any eavesdropping will bring up scrambled, useless data.

But there’s another kind of exploit that’s able to get around this type of encrypted connection, and it’s especially practical for use against users on public wireless networks.

These are often known as “Man-in-the-Middle” attacks.

Typical Man-in-the-Middle Attack Scenario

  • Joe’s coffee shop offers free WiFi to its customers, and it broadcasts with the name “JoeFreeWifi”.
  • This wireless router was set up and managed by a barista who makes minimum wage and has no network security training whatsoever.
  • Mary connects to this WiFi with her laptop every time she’s in the shop.
  • A hacker sits down at a table with his laptop, and disables the wireless router by unplugging it when nobody is looking. He then gets his wireless card to broadcast itself as a wireless network called “JoeFreeWifi”.

And Now The Trap is Set.

  • Mary walks into the coffee shop and turns on her laptop. Because this is a trusted location, her computer automatically connects to “JoeFreeWifi”. Mary doesn’t suspect a thing.
  • She connects to her bank’s customer portal using the secure login page.
  • A legitimate secure connection is established between the hacker’s laptop and the bank’s web site through his 3G connection. Then – using a fake certificate – a secure connection is established between the hacker’s computer and Mary’s laptop.
  • When she sends her password through, it is decrypted by the hacker and then re-sent to the bank’s web site. To Mary, everything looks perfectly normal. But all of her confidential banking data is being intercepted by the hacker.

This is just one of many examples of how computers could be compromised when using a wireless network. In the example above, the hacker is physically sitting inside the coffee shop… but he could actually be anywhere within a 1 mile radius of the shop. And without proper network security training, it would be difficult for Mary to tell there is anything strange happening.

So what can you do to protect yourself from Man-In-The-Middle Attacks?

If you’re working away from your trusted internal network, make sure that you’re using an additional layer of protection in your communications. Virtual Private Networks are perfect for this, and they’re very inexpensive and easy to use.

And if you have any programs which transmit data in the background, make sure they use an extra layer of client-side encryption when transmitting packets. For example, your online backup software should first encrypt the backup data packets on your end using very strong encryption (such as 256-bit AES) before transmitting these encrypted packets over an SSL connection.

This will help minimize the possibility that anyone can listen in on your conversations, steal your passwords, or gain access to your private backup data files.
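
The client-side layer described above, as an added example that is not part of the original article or any vendor's code: a Node.js sketch that seals a backup chunk with AES-256-GCM before it reaches the SSL connection, so a party that terminates that connection with a fake certificate sees only ciphertext and cannot alter it undetected. The function names, passphrase, sample record and the salt/iv/tag layout are assumptions made for this example.

```javascript
// Added example (not from the original article): seal a backup chunk on the
// client with AES-256-GCM before it is handed to the TLS connection.
const { randomBytes, scryptSync, createCipheriv, createDecipheriv } = require('node:crypto');

// Assumed container layout for this example: salt(16) | iv(12) | tag(16) | ciphertext
const SALT = 16, IV = 12, TAG = 16, HEADER = SALT + IV + TAG;

// Stretch a passphrase that never leaves the client into a 256-bit key.
function deriveKey(passphrase, salt) {
  return scryptSync(passphrase, salt, 32);
}

function sealChunk(passphrase, plaintext) {
  const salt = randomBytes(SALT);
  const iv = randomBytes(IV); // fresh nonce for every chunk
  const cipher = createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Throws if the key is wrong or the chunk was modified in transit.
function openChunk(passphrase, sealed) {
  if (sealed.length < HEADER) throw new Error('sealed chunk too short');
  const salt = sealed.subarray(0, SALT);
  const iv = sealed.subarray(SALT, SALT + IV);
  const decipher = createDecipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  decipher.setAuthTag(sealed.subarray(SALT + IV, HEADER));
  return Buffer.concat([decipher.update(sealed.subarray(HEADER)), decipher.final()]);
}

// Returns the plaintext, or null when the chunk cannot be opened.
function tryOpen(passphrase, sealed) {
  try { return openChunk(passphrase, sealed); } catch { return null; }
}

function demo() {
  const record = Buffer.from('account=0000-constructed;balance=100.00'); // constructed sample
  const sealed = sealChunk('example passphrase', record);
  const tampered = Buffer.from(sealed);
  tampered[tampered.length - 1] ^= 0x01; // one bit changed on the wire
  return {
    leaksPlaintext: sealed.includes(Buffer.from('account=')),
    roundTrip: tryOpen('example passphrase', sealed)?.equals(record) === true,
    tamperedAccepted: tryOpen('example passphrase', tampered) !== null,
    wrongKeyAccepted: tryOpen('another passphrase', sealed) !== null,
  };
}
console.log(demo());
```

Real backup software would derive the key once per session rather than once per chunk; it is repeated here only to keep each sealed chunk self-describing.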

About The Author: Storagepipe has over 10 years of experience in protecting the sensitive online backup data of mobile laptop users.