Don’t Fall Victim to a Man-in-the-Middle Attack

If you have ever been to a Starbucks and connected to their wifi network, then listen up, because this article is for you. Free wifi is always a great thing, especially when you do not have a mobile network to connect to. It is common in places such as malls, some eateries, and hotels. Most people connect because it costs nothing and lets them sit down and get online quickly. While there is no issue with connecting to a free wifi network as such, there are potential dangers in how you connect and which network you actually connect to. Let’s talk about what a man-in-the-middle attack is, and then let’s explore how it can be used against you.

A man-in-the-middle attack, as the name implies, is when a bad actor sits in the middle between you, the user, and the world, the internet. The attacker digitally sits between your computer and the internet, watching everything that passes in between. Thus the name, man in the middle. The concept is not very complex, and here’s how it typically works. A bad actor will set up shop somewhere people are connecting to wifi networks. The attack is not limited to free wifi networks; it can be done just as easily on any wifi network, but most attacks will happen out in the wild, where people are less likely to question the connection they are using. The actor typically has some sort of physical device that broadcasts a wifi signal. That signal is made to look just like the real free wifi signal that, say, a hotel offers. A user connects to it, thinking that it’s the real network, and starts browsing online. Once a user’s computer has connected to the rogue free wifi network, that user is vulnerable to a man-in-the-middle attack.

But you still have internet, so who cares how you connect? Surely your stuff is safe? Not quite. A good portion of internet traffic is encrypted, but some websites do not encrypt their traffic. An attacker can use a free tool like Wireshark to capture and analyze all the network traffic going through their device. This means that if you visit a website that isn’t HTTPS, but just HTTP (notice the missing ‘S’), then every interaction you have with that website is sent in plain text, and anyone watching can see everything. Pictures you upload or download, credentials, usernames, anything you type into that site is available to them.

There are a couple of things you can do to protect yourself. First, whenever possible, do not join free wifi networks. If you are going to join one, try to use a Virtual Private Network (VPN), which hides all your traffic regardless of whether the websites you visit use HTTPS. Also, disable auto-join for open networks. You want to have control over when you connect and which network you connect to. And lastly, as a rule of thumb, check the URL of every site you visit, and whenever you are going to do something involving your personal information, make sure the address has HTTPS at the beginning.
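To make the auto-join advice concrete, here is an added example (not part of the original article) that finds saved wifi profiles that are both open and set to reconnect automatically. It assumes a Linux machine using NetworkManager's keyfile profile format; the function name and the sample profiles are constructed for illustration.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not from a real machine).
SAMPLE_PROFILES = {
    "Hotel_Guest.nmconnection": """
[connection]
id=Hotel_Guest
type=wifi

[wifi]
ssid=Hotel_Guest
""",
    "CoffeeShop.nmconnection": """
[connection]
id=CoffeeShop
type=wifi
autoconnect=false

[wifi]
ssid=CoffeeShop
""",
    "Home.nmconnection": """
[connection]
id=Home
type=wifi

[wifi]
ssid=Home

[wifi-security]
key-mgmt=wpa-psk
""",
}

def risky_profiles(profiles):
    """Return names of saved wifi profiles that are open AND set to auto-join."""
    flagged = []
    for name, text in profiles.items():
        cfg = configparser.ConfigParser(interpolation=None)
        cfg.read_string(text)
        if cfg.get("connection", "type", fallback="") != "wifi":
            continue
        # NetworkManager auto-connects unless autoconnect=false is set explicitly.
        autojoin = cfg.getboolean("connection", "autoconnect", fallback=True)
        # A profile for an open network has no [wifi-security] section.
        is_open = not cfg.has_section("wifi-security")
        if is_open and autojoin:
            flagged.append(name)
    return sorted(flagged)
```

On a real system the profiles are files under `/etc/NetworkManager/system-connections/` (readable by root); read each file's text into the dictionary instead of the samples. Any profile the function returns will rejoin a network with that name without asking, which is exactly what a look-alike hotspot relies on.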

I’m an engineer working professionally in San Diego, CA. I’m trying to improve every day and use this space to document.