Man-in-the-Middle Cyber Attacks | What & How

Last year, Van Ristau and I covered cybersecurity in a series we called Cybersecurity Wednesdays. In the series, I highlighted nine cyber attacks in an infographic and short ebook. I need to ask for a “CTRL+Z” because I missed an attack that’s not only worth mentioning, but is one of the biggest threats facing data today. It’s called a man-in-the-middle attack.

What is a man-in-the-middle (MITM) attack? It’s when your device is connecting to a server or other device and someone inserts themselves in between. For instance, a hacker can intercept an HTTP transaction between a client and server in real time. They can then simply gather information or, in some cases, change the data passing through. While it is easier for a hacker to successfully deploy an attack over a LAN connection, attacks can also be carried out over Wi-Fi. It’s essentially a form of cyber eavesdropping.

With more web applications releasing every day and the rise of the Internet of Things, securing connections between devices and servers is vital to the future of the internet, especially as more public Wi-Fi spots, like those in airports and malls, become available. While convenient, they tend to be less secure.

Recent Man-in-the-Middle attacks include:

How do you protect yourself? Ensuring that data flow is encrypted is a first step. Look for HTTPS in a site’s URL to know whether your connection to the site is encrypted. If not, add the S and refresh the site. For more advanced methods, I’ve read that enabling a virtual private network (VPN) can help. But there are still mobile devices to worry about. For that, it’s recommended you have an endpoint protection solution in place like Symantec’s.
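The "look for HTTPS, add the S" check can also be run by a site owner over their own pages. The following is an added example, not code from the original post: it lists every URL in an HTML page that would travel over plain HTTP and shows the HTTPS form of each. The function names, the severity labels and the sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, urlunsplit

# Attributes that make the browser fetch from or send data to a URL.
URL_ATTRS = {"href", "src", "action"}


def upgrade_to_https(url):
    """Return the URL with its scheme switched to https ("add the S")."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "http":
        return url
    return urlunsplit(("https",) + tuple(parts[1:]))


class CleartextAuditor(HTMLParser):
    """Collects every URL in a page that would travel over plain HTTP."""

    def __init__(self):
        super().__init__()
        self.findings = []  # (severity, tag, attribute, url)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name not in URL_ATTRS or not value:
                continue
            if urlsplit(value.strip()).scheme.lower() != "http":
                continue
            # Forms send user input and scripts run in the page, so these
            # matter most if intercepted; plain links are rated lower.
            severity = "high" if tag in ("form", "script", "iframe") else "low"
            self.findings.append((severity, tag, name, value.strip()))


def audit(html):
    auditor = CleartextAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page (example.test is a reserved test domain).
SAMPLE = """
<a href="https://example.test/account">Account</a>
<a href="http://example.test/news">News</a>
<form action="http://example.test/login" method="post"></form>
<script src="HTTP://cdn.example.test/app.js"></script>
<img src="/logo.png">
"""

if __name__ == "__main__":
    for severity, tag, attr, url in audit(SAMPLE):
        print(f"{severity:4} <{tag} {attr}> {url} -> {upgrade_to_https(url)}")
```

Rewriting the scheme only helps when the server actually answers on HTTPS with a valid certificate, so each upgraded URL still needs to be confirmed to load.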

A few months ago I wrote about The Internet of Hackable Things, and this post is in that same family: Every day we’re adding more connections to the internet, but there are still fundamental cybersecurity problems we need to solve.

What we, the software community, need to do is adopt a practice John Slye, Deltek’s cybersecurity analyst, talked about in his GovDefenders keynote: “From ‘bolt-on’ to embedded security.” If we aren’t designing security into our products or ensuring that all exploits are accounted for, we’re partially at fault for successful cyber attacks. Sadly, the web is a war and it’s time we surround our castles with walls and moats; it’s time we gave customers the same protection we provide ourselves.

Edit: Apple just announced Swift, a new programming language with security considerations built-in such as overflow checks and automatic memory management. John would be proud; I am.