Skip to main content

Man In The Middle Attack - EavesDropping in the Digital World

 
 

This is a term used to describe a cyber attack where a hacker acts as middleman, during data transfer between user and an application. The app can be a financial or an E commerce website, Software as a Service (SaaS) etc. The hacker can intercept data passed via the browser to the website, and collect sensitive information such as account and credit card details, user login etc.

To put it into context, it is like a postman who reads all the letters addressed to you, then reseals the same, on delivery. This way no one suspects a foul play.

 

Interception

This is the first phase of the attack. Here the hacker establishes a connection with the target device whether a PC, Laptop or Smart phone. This is done through various methods like

  •  Free WiFi : Here a WiFi hot spot is set up  which is not password protected. When a user logs in to the network, they are in essence connecting to the hacker's system. Now any data transfer occurs via this compromised system, resulting in loss of sensitive information.
  • ARP Spoofing : Stands for Address Resolution Protocol, it resolves IP address into MAC address in an Local Area Network (LAN). This system gets compromised. Now all traffic of the LAN network gets re routed to the hacker's computer.

DNS : stands for Domain Name Server. It converts the name of a specific website into its corresponding IP address. Here the server gets hijacked and all the legitimate IP addresses gets changed. Now the user is automatically directed to a malicious website. 

 

Decryption

Once the connection is set, the hacker sends a phony digital thumbprint to the browser. This is to make it believe a secure connection has been established. Also protected HTTPS website are downgraded to HTTP, known as SSL Stripping.  This way all information that passes from the user can be intercepted and compromised.

 

Prevention

  • Avoid using free WiFi specially in public places like cafe or restaurants.
  • Always check browser address whether it is HTTP or HTTPS.
  • Log out of all financial or Ecommerce website immediately after use 

 

Labels:

Comments

Post a Comment

Popular posts from this blog

Internet of Things-Connection Redefined

  Imagine driving home after a long day of work. En route the car instructs the residence to automatically turn on the lights, prepare a hot bath, and download the latest Netflix series. While this may seem like a line from a SciFi script, the future is more realistic than ever. Welcome to the world of IoT or Internet of Things. Though not as popular as its famous counterpart, Artificial Intelligence, its penetration into the consumer market is indeed extensive. What is IoT...... It is the term used to describe a   device, or set of devices which are connected to the internet,   and also communicate with each other. They can share data obtained from various sensors to a central hub, analyze it using  AI, and take appropriate actions. For example, a smart thermostat can read the room temperature, analyze the same, and adjust the heating system without any human intervention. Another example would be a smart camera which provides video footage when a movement is detect...
Post a Comment
Read more

Bluetooth - You are Connected

       We are entering the era of Internet of Things (IoT) devices, where each device connects remotely to one another, and the world wide web. This makes them smart in the way of integration to Artificial Intelligence, Machine learning and Data analysis. There are number of network protocols that facilitate this peer to peer communication be it ZigBee, Matter etc. More on that later.    What is Bluetooth  Invented  in 1994 by Ericsson and widely used, Bluetooth allows for short distance communication, within 10 meter radius. The data speed is between 1 Mbps and 3 Mbps. The bandwidth is in the range of 2.4 GHz to 2.485 GHz.   Frequency Hopping Unfold Spectrum This is the underlying tech used in Bluetooth. Data signals by default have low frequency, and high bandwidth. This makes them prone to distortion, affecting long distance transmission. Also the receiving antennas  have to be large in size which is a limitation for mobile phone...
Post a Comment
Read more