Dwight Watt - Newspaper Article #244 3/26/2014


Question: What is a man in the middle attack?

Answer:

A Man in the Middle attack is the name of a security violation that occurs on the Internet, although it can happen on private networks also. Put simply, it is eavesdropping.

Often a Man in the Middle attack is done in a wireless setting by setting up an access point at a public wireless location and making the new wireless access point appear to be one supplied by the organization giving free wireless access. The people connecting to the wireless network there then see a wireless access point that appears to be a valid one, but it was set up by someone else.

Basically this is similar to old-fashioned wiretapping, where someone listened to the wire to hear the conversation going through it by using a device to pick up the electronic signals.

For instance, you may be staying at ABC Motel and go to connect to their wireless network and see options for abcmotel and wirelessabc. Not looking at the motel's directions for Internet access, you choose abcmotel, which is a fake access point but does let you on the Internet. The real one was wirelessabc. Now when you send anything across the Internet it goes through the abcmotel access point, and the owner of that device is watching the traffic and scanning your information. You decide to check your bank account, so the fake access point sees and keeps your account number and password, and its owner is then able to get into your account, assuming that the information had not been encrypted. Now they can use the information to get into other places.

People use the same password for lots of different accounts, so if the person with the rogue access point tries other places with the same password and account name they may get in. They probably did not get your bank account, as it was encrypted (I do not know of any bank that is not using encrypted communications, which is where you see the website address as https instead of http, which tells you it is encrypted). However, man in the middle attacks can also grab the beginning of conversations that will be encrypted and get the key to the encryption.

This is a reason that it is often recommended not to do financial dealings and other confidential work when on public networks. However, in today's world that is not always possible, and using our phones and other mobile devices makes us more susceptible to possible man in the middle attacks. Man in the Middle attacks can also be more sophisticated than in my example, as ways to steal higher-level data.

When you are going to use a public network for your wireless connections, try to make sure you are connecting to a device they supplied. Remember that anyone can assign whatever name they want to a device (the name of a wireless access point is also referred to as an SSID).
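
As an added illustration, not part of the original article: a small Python check that compares the network names a device can see against the one name given in the venue's directions, using the motel example above. The function names, the three-character threshold and the scan list are assumptions made for this example.

```python
import difflib
import re


def normalize(ssid):
    # Lower-case and keep only letters/digits so "ABC-Motel" and "abcmotel" compare equal.
    return re.sub(r"[^a-z0-9]", "", ssid.lower())


def shared_run(a, b):
    # Length of the longest run of characters the two names have in common.
    matcher = difflib.SequenceMatcher(None, a, b, autojunk=False)
    return matcher.find_longest_match(0, len(a), 0, len(b)).size


def classify(venue_ssid, visible_ssids, min_run=3):
    """Label each visible SSID relative to the name the venue gave you."""
    want = normalize(venue_ssid)
    verdicts = {}
    for ssid in visible_ssids:
        have = normalize(ssid)
        if ssid == venue_ssid:
            verdicts[ssid] = "listed"      # name matches the venue's directions
        elif have == want:
            verdicts[ssid] = "lookalike"   # differs only by case or punctuation
        elif shared_run(want, have) >= min_run:
            verdicts[ssid] = "lookalike"   # borrows part of the venue's name
        else:
            verdicts[ssid] = "unrelated"
    return verdicts


# Constructed scan results, built from the article's motel example.
SCAN = ["abcmotel", "wirelessabc", "Wireless-ABC", "HomeNet5G"]

if __name__ == "__main__":
    for name, verdict in classify("wirelessabc", SCAN).items():
        print(f"{name:15} {verdict}")
```

A "listed" result only means the name matches the directions; because anyone can assign any SSID, it does not prove the device belongs to the venue.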