Browsing the Internet seems to be quite simple. Type a website address, hit Enter and you’re there! However, the process that happens at the backend is quite complex and is also the junction from where hackers and attackers make their way. In this post, we will be taking a sneak peek on how a man-in-the-middle-attack happens.

What is a Man-In-The-Middle Attack?

It’s a method with which hackers interpose between you and the computer you are communicating with. This is done in order to read the communication between the two ends or change the information that is being exchanged.

This procedure was used extensively by hackers before the websites were running at ‘http’ which means they were not secured. However, with the introduction of ‘https’ i.e. secure connection, there has been a reduction in these types of attacks but those with a little more knowledge and will-power still attempt these attacks successfully.

What Makes Users Prone to MITM Attacks?

While PCs are common targets of the attackers, mobile phone users are now the new sufferers. Because of the rising trend of connecting with public networks such as open WiFi at airports and cafes, mobile phone users expose themselves to dreadful risks.

How Does a Man-In-The-Middle-Attack Happen?

For any activity that one makes on the internet, encryption needs to be done between the two parties wherein public keys are exchanged. Now, as an example, imagine that there are two individuals Chris and Betty who are communicating. When Chris sends a request to Betty, he sends his public key. Betty encrypts the message using that key and in turn, sends his public key to Chris.

Now, imagine if a third person, say, Mark, intercepts between Chris and Betty. He substitutes Chris’s public key with his own public key and does the same with Betty’s public key without letting them know. Now both Chris and Betty will be using Mark’s public keys for encrypting information. Mark can decrypt them with his own private key. After decryption, he reads the message, maybe alters it, then encrypts it with Chris’s public key intercepted in the first step and forwards the message to Chris. He proxies all communication to and from Chris or Betty and neither of them knows he’s listening.

How to Detect an MITM – “https”?

For those less tech-savvy internet users, detecting an MITM attack is quite difficult. However, a simple way is to check the SSL certificate of the website you visit. You can do it by checking the address of the website in your browser’s address bar that should start with ‘https’, which means the connection is secured and encrypted. In case a website’s SSL certificate is expired, it is wise enough to close the website immediately.

Further, make sure you have a total security antivirus downloaded and installed on your computer. In the case of mobile, you can go for a reliable mobile security software. Make sure you never click on random web links or share your confidential information with anyone over the web.

Practicing these tips, you can prevent man-in-the-middle-attack from making you its target.