Cybersecurity: What is a Man-in-the-Middle attack and is public WiFi compromised? 

1582
SHARE

Before the internet, during World War II from Bletchley Park in England, code breakers were able to crack the secret coded radio communications of the Nazi’s. The majority of Allied code-breakers were women. They were actually launching a Man-in-the-Middle attack.

An October 2020 FBI advisory warns that the techno-pandemic has seen ever-increasing cybercrimes, especially on Public Wi-Fi. 

What is a Man-in-the-Middle Attack? 

Usually, it’s not the “good guys,” but the criminals who inject themselves into other people’s secrets and private information. These types of privacy and security breaches are called Man-in-the-Middle (MITM) attacks.

Signup for the USA Herald exclusive Newsletter

The FBI has noticed an increasing number of teleworkers using hotels or other public Wi-Fi networks. Hotels in major U.S. cities are advertising daytime room availability for any guest that seeks a distraction-free work environment. That’s why workers are heading to local hotels to work.

Hotel Wi-Fi systems are especially vulnerable to Man-in-the-Middle cybercrime.

A Man-in-the-Middle attack is designed to invade a victim’s privacy. It involves intercepting traffic, coming from one computer, and sometimes sending it on to the original recipient. An “Evil Twin” attack is when an attacker sets up a malicious network that hijacks the hotel’s network with a similar name.

In MITM attacks, nation-state bad actors and other cybercriminals can use stolen intellectual property to counterfeit their own versions of digital products. They can also use stolen business data to trick company executives into transferring funds to the criminal. 

The perpetrator can cause all sorts of damage.  They can insert their own digital wallet to steal cryptocurrency. They can redirect a browser to a malicious website to infect the system with malware. Or they are able to obtain information undetected for their own purposes.

Why use public Wi-Fi for a cyberattack? 

Hotel and public Wi-Fi networks are a common source of attack because neither the router nor a connected computer verifies its identity.

The FBI advisory explains how public/hotel Wi-Fi networks usually offer only low-level security. A combination of out-of-date hardware and lax security result where Wi-Fi ease-of-use is prioritized over protection.

Smaller hotels may even post signs at the service desk giving the Wi-Fi system password. And they rarely change the password, which enables access by bad actors.

The FBI specifically warns of low-tech Man-in-the-Middle attacks, where an attacker only needs a standard laptop and some low-cost equipment to create a fake hotspot. This is called a “Rogue Access Point” attack.

Not every MITM attack needs physical proximity. Several strains of malware exist that can hijack traffic and inject malicious information wherever an infection spreads.

Cybersecurity is being spotlighted in 2020 with the recent phishing, malware, and ransomware attacks.

—————————————-

Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer’s guidelines here.