Before I begin, I have to tell you the truth, I did get caught by my manager singing Stormzy. My colleagues have been on my neck about it so I thought let me come clean. Anyways, today’s topic is about a man in the middle attack. You’re probably wondering what it is. To put it simply, it’s a cyberattack where a cybercriminal places themselves into a conversation between two people. Once this happens, the cybercriminal can intercept the data being transferred between them.
Hackers who perform a man in the middle attack are also able to modify what is being sent between the two parties. This is done by meddling with legitimate networks or creating fake ones that are controlled by the attacker. The data that is sent over the network is then stripped of its encryption by a technique called SSL stripping. Once the encryption has been stripped, the data is now in plain text and at the disposal of the hacker. I have done a blog about encryption and if you have read it (which you should have by now), you know how important it is to have data encrypted.
For example, let’s say Deji owes Tomi money (Nigerians and money smh) and an attacker inserts themselves into their conversation.
Tomi: “Send over your public key”
Attacker: Forwards message over to Deji
Deji: Sends the key to Tomi
Attacker: Intercepts the key and sends her own key to Deji (yes, women can be hackers too)
Tomi: Sends account details to Deji
Attacker: Intercepts message and sends her own account details to Deji
Deji: Sends money to wrong account
Attack is now complete.
The attacker tricked both parties into thinking they were speaking to each other, when in fact they were speaking to the attacker.
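Here is the key swap from the exchange above as a small Python sketch, together with the check that catches it. This is an added example, not part of the original post: random bytes stand in for real public keys, the function names are made up for illustration, and it assumes Deji can read his key fingerprint to Tomi over a separate channel the attacker does not control (in person or on a phone call).

```python
import hashlib
import hmac
import os
from typing import Optional


def fingerprint(public_key: bytes) -> str:
    """Short SHA-256 fingerprint that two people can read out and compare."""
    digest = hashlib.sha256(public_key).hexdigest()
    return ":".join(digest[i:i + 4] for i in range(0, 32, 4))


def relay(key_from_deji: bytes, attacker_key: Optional[bytes]) -> bytes:
    """The network path. With an attacker in the middle, the key is swapped."""
    return attacker_key if attacker_key is not None else key_from_deji


def tomi_accepts(received_key: bytes, fingerprint_out_of_band: str) -> bool:
    """Tomi trusts the key only if it matches the fingerprint Deji gave her
    over the separate channel (assumption: that channel is not intercepted)."""
    return hmac.compare_digest(fingerprint(received_key), fingerprint_out_of_band)


def run_exchange(attacker_present: bool) -> bool:
    """Return True if Tomi ends up accepting the key she received."""
    # Constructed stand-ins: random bytes in place of real public keys.
    deji_key = os.urandom(32)
    attacker_key = os.urandom(32) if attacker_present else None
    # Deji reads his fingerprint to Tomi out of band.
    trusted_fp = fingerprint(deji_key)
    received = relay(deji_key, attacker_key)
    return tomi_accepts(received, trusted_fp)


if __name__ == "__main__":
    print("clean network, key accepted:", run_exchange(attacker_present=False))
    print("attacker in the middle, key accepted:", run_exchange(attacker_present=True))
```

Without the fingerprint comparison, Tomi has no way to tell the swapped key from the real one, which is exactly why the attack in the conversation above works.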
Another method that hackers use is an evil twin attack. This is where attackers will create a wi-fi network with the same name as a legitimate wi-fi network. Once a user connects to the attacker’s wi-fi, all the data that is sent goes straight to the attacker. This can be done via smartphones that have mobile tethering* features available. Hackers can also take this opportunity to install backdoors**… just throw your device away at this point. I’m joking, Cyber T’s got you. To be honest, it is hard to spot an evil twin (obviously), and this is because the SSID (Service Set Identifier)*** appears valid. A VPN is the best way to stay safe from open wi-fi networks.
Man in the middle attacks are difficult to spot and can go unnoticed if you are not vigilant, but even then it’s too late. It’s important to understand the types of threats that affect our personal information. Hopefully, these blogs are keeping you informed and you are applying the tips provided to keep your data secure.
‘Tips with Cyber T’
– Use a VPN when connecting to an open wi-fi network
– Be aware of phishing emails (if unsure how to spot, read my phishing blog)
– Check that the web page has proper authentication by ensuring it starts with ‘https’
* Tethering: The connection between devices in order to connect to the internet
** Backdoors: A computer defect that allows surreptitious unauthorised access to data
*** SSID: The name of a network, e.g. Heathrow Terminal 4 Wi-Fi
Love & Guidance
TT
I’ve got waaaaay too many Nigerian friends, they say the devil works hard but Nigerians work harder JK 😂 #EndSars 🙏
Got to stay vigilant especially in this ever changing environment. Thanks to you we are.
This is so important
Extremely insightful, I look forward to the next one Cyber T!
Have you covered how one can get a VPN? As always informative and educational. Thank you.