Man-in-the-Middle Attack

A man-in-the-middle (MitM) attack is a type of cyber-attack where your data is intercepted by a third party while travelling over a network. The attacker intercepts and relays messages between two parties that believe they are communicating directly with each other. In doing so, the attacker can gain access to sensitive information in real-time.

Using public Wi-Fi can put you at risk of a MitM attack. A cyber attacker could make a Wi-Fi connection freely available in a busy public area such as a coffee shop. The Wi-Fi hotspot would appear to work as normal, but because the attacker is in control of the network, they could potentially capture any information that is sent over it, including login credentials for any services you use.

Warning Signs

The following could be signs that you have fallen victim to a MitM attack:

  • Your network connection seems slower than usual. Because your network traffic is passing through extra software or devices under the attacker’s control, web pages may be taking longer to load than usual.
  • Look out for any warnings from your browser about untrusted certificates. Most legitimate websites now use https certificates signed by a trusted authority to help you make sure that you are not falling victim to a cyber-attack.

Actions

If you believe you are victim to a MitM attack, take the following steps:
  1. Disconnect from any untrusted networks.
  2. Make sure your antivirus software is fully up to date and run a virus scan on any devices that may have been exposed.
  3. Reset passwords for any accounts that may have been compromised and turn on Multi-factor Authentication (MFA) wherever possible.
  4. Use a Virtual Private Network (VPN) whenever outside the office to prevent being exposed to a MitM again.