MitM Attacks: Understanding the Risks and Prevention Strategies

While they may seem old fashioned, in a world where digital connections take up more and more of a share in both business and personal activity, man in the middle attacks are a very pertinent and even dangerous threat.

‍

The basic details are well known: while two users communicate, a third user secretly monitors the communication line, intercepting and reading the communications from one user to another, and possibly altering the contents of the message. In many cases, this depends on the malicious user being on the same network as one of the two users, and this allows for the possibility of detection.

‍

The best way to screen against MitM attacks is through network monitoring. It is considered highly advisable for users to be aware of every device that is intended to be on their network, so that they can detect unexpected devices that would be signs of an outside actor.

‍

Another sign is if you are frequently being disconnected from a network: a threat actor may be deliberately kicking you so that they can watch your device and intercept login credentials. Also be on the lookout for web browser warnings regarding invalid SSL certificates: they are a sign of a potential SSL stripping attack, through which a threat actor can intercept HTTPS traffic.

‍

The best way to prevent MitM attacks is to use secure, private connections, and confine traffic to websites using HTTP Strict Transport Security. Public Wi-Fi should be avoided for any communications involving secure information, because those are the easiest places for a threat actor to intercept traffic.