Cybersecurity recommendations to protect yourself from a Man-in-the-Middle attack

1351
SHARE

An FBI advisory in October 2020 issued a warning that there is an increased risk during the techno-pandemic of Man-in-the-Middle (MITM) attacks for teleworkers using hotels or other public Wi-Fi networks. They also gave a number of cybersecurity recommendations to protect your system.

Enter Email to View Articles

Loading...

MITM attacks can vary, targeting multiple vulnerabilities, and come from many sources. Hotel Wi-Fi systems are particularly vulnerable to Man-in-the-Middle cybercrime.

Public Wi-Fi networks are not secure. The hotel industry has no standards for secure Wi-Fi access.

Cybercriminals sometimes can crack encryption using fake certificates to pose as log-in portals, and bank or payment websites, in order to steal information. Passwords can be compromised on accounts and systems. 

The FBI advisory includes signs that your system has been attacked, and recommends immediate action you should take.

Signs a device is compromised

  • device pauses or slows suddenly 
  • website automatically redirects
  • the cursor starts to move on its own
  • the mobile device launches apps by itself
  • increases in pop-up ads
  • a sudden increase in data usage 
  • a sudden decrease in battery power
  • unexplained outgoing calls, emails, or texts

Actions to take if you believe your device is compromised

  • Do not forward any emails or files.
  • Turn off Wi-Fi and Bluetooth and disconnect devices from all networks.
  • Consult the IT department, if applicable.
  • When you don’t have an IT department, consult a cybersecurity specialist.
  • Report any cyber-attack or scam to the Internet Crime Complaint Center at IC3.gov.

MITM protection and cybersecurity recommendations

The FBI provides cybersecurity recommendations to protect consumers and entities from MITM attacks and ensure privacy. This begins with, “using a reputable VPN to protect your connections.” Teleworkers should use a Virtual Private Network (VPN) to encrypt network traffic in order to block cybercriminals.