Have you ever seen the Explained series on Netflix? It takes serious and important topics, and explains them in an easy way. Well, now it is time for me to explain to you easily what a man-in-the-middle attack is. There are for sure more advanced articles on the subject, but here I would like to explain it to you in an easy and understandable way.
When you surf the Internet, you have probably noticed that normal website-addresses are using http or https before the actual address. Most people only know about the http, simply because that is how it all started. But, by 2020, most websites use https, where the additional S means that the connection is secured using a TLS/SSL protocol. As a result, your data transferred will be encrypted, and hackers are not able to see what information you are sending.
Now, let us return to our man-in-the-middle attack. What is it all about?
When you visit this website, the address is https://www.ipaddressguide.org/. If you use the WiFi spot in an Internet cafe and someone tries to spy on you and all the other activity taking place in the open WiFi network, they will not be able to see it, because the website uses the TLS/SSL protocol to secure the data. For this simple reason, it is important never to transmit confidential data online if you visit sites with http addresses, and not using the https address.
How can you see the difference? Check the little image below. Do you see the lock? It is closed. This is your browsers way of telling you that the page is encrypted and that the certificate is valid.
Here you can see an example of a website using the normal http address (that is, not secured)
How does a man-in-the-middle attack work?
If you use an open WiFi network, there are many ways hackers can see the data you are sending. But, when a man-in-the-middle attack is taking place, all your data is sent through a third party (of which you do not know). That is why it is called a man in the middle attack. The trick is, you still believe that you are communicating directly with the second part, when in reality, all your traffic is sent through or going through a third part.
An easy way to fix this, is when someone creates a Hotspot somewhere and you connect to it. You believe the hotspot is harmless, but in reality, this is a third party now able to see your traffic and to steal your data. The trick, however, is that you still get access to Internet as you would expect. So, you don’t feel any harm, nor are you worried about anything.
Our hacker, however, can now see all your traffic and all traffic sent without encryption (to http websites) can now be intercepted or stolen. When you are finished, the hacker still has access to all your passwords that you just revealed. In the same way, if you check email with your email program and the information is sent without encryption, the hacker can easily see that information as well.
You might also believe that you are chatting with someone else (and you do), but the man in the middle can spy on your conversation and change whatever is being said. As a result, he can influence the conversation and make sure that information is shared that he/she can later take advantage of.
That is why it is so important only to use WiFi networks you trust, and not to reveal any confidential information or passwords on normal websites not using the https protocol. Do you get it?
It can also be referred to as a man in the middle attack when you have malware installed on your device, which later leads to someone spying on your activities. You might not know about it, but the malware is intercepting your activities, changing answers, and thus, taking advantage of you and your data.
How to stay protected against man in the middle attacks?
Using common sense is always important. Don’t click just any link, don’t install just any application, and don’t say yes to everything whenever you install a program. Even programs you trust might be infected with malware, so be careful.
Besides this, use common sense when surfing the Internet. Don’t use open WiFi networks, and if you do, always use a VPN to encrypt your data.
Never enter confidential data on a website not using https.
If a conversation seems strange or if someone asks for data you wouldn’t expect them to do, pick up your phone and talk to the person instead. You might find out that someone is actually hacking your conversation!
These are just some general tips. I hope you have found the article to be easy to understand and useful. If you have further comments or questions, just write them down. I would love to hear from you!