What is a man-in-the-middle attack?

A man-in-the-middle (MITM) attack is a type of cyber attack in which a malicious person infiltrates a conversation between two parties and impersonates each of them to the other, gaining access to the information the two parties relay to each other. The attacker can send and receive information meant for a different party, or information that was never meant to be sent at all. A man-in-the-middle attack can go undetected for a long time.

Man-in-the-middle is one of the oldest forms of cyber attack. In a MITM attack, an attacker sits between a victim and a legitimate host that is trying to send information to the victim, and usually observes or manipulates the data passing between the client and the host. The attack can be set up by creating fake networks that lure victims into connecting, or by compromising a legitimate network. The attacker then strips any available encryption from the compromised network to steal the traffic or redirect it to a destination of the attacker's choice. Because the attacker can silently observe or re-encrypt the traffic on the compromised network, the attack can be difficult to detect.

MITM covers many techniques, which malicious people choose depending on the target and the goal of the attack. For example, in SSL stripping, the attackers start an HTTPS connection between themselves and the server. They, however, establish an unsecured connection between themselves and the user. This means the user's information is sent to them in plain text, without encryption.
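
An added example (not part of the original article) of how a site owner can check whether its responses leave users exposed to the SSL stripping described above: it looks for a redirect from HTTP to HTTPS, an HSTS policy, and the Secure attribute on cookies. The response strings are constructed samples, and the host bank.example and the function names are assumptions made for illustration.

```python
import re

# Constructed sample responses (not captured from a real site).
WEAK_HTTP = "HTTP/1.1 200 OK\r\nSet-Cookie: session=abc123; Path=/\r\n\r\n"
GOOD_HTTP = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://bank.example/\r\n\r\n"
WEAK_HTTPS = "HTTP/1.1 200 OK\r\nSet-Cookie: session=abc123; Path=/; HttpOnly\r\n\r\n"
GOOD_HTTPS = ("HTTP/1.1 200 OK\r\n"
              "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
              "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly\r\n\r\n")

def parse_response(raw):
    """Return (status_code, [(lowercased header name, value), ...])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return status, headers

def audit(scheme, raw):
    """List the gaps that leave a user exposed to an HTTPS-to-HTTP downgrade."""
    status, headers = parse_response(raw)
    findings = []
    if scheme == "http":
        location = next((v for k, v in headers if k == "location"), "")
        if status not in (301, 302, 307, 308) or not location.lower().startswith("https://"):
            findings.append("plain HTTP answered without redirect to HTTPS")
    else:
        # HSTS (RFC 6797) tells the browser to refuse plain HTTP for this host.
        hsts = next((v for k, v in headers if k == "strict-transport-security"), "")
        match = re.search(r"max-age\s*=\s*\"?(\d+)", hsts, re.IGNORECASE)
        if not match or int(match.group(1)) == 0:
            findings.append("no effective Strict-Transport-Security policy")
    # A cookie without the Secure attribute is also sent over a stripped HTTP link.
    for name, value in headers:
        if name == "set-cookie":
            attrs = [a.strip().lower() for a in value.split(";")[1:]]
            if "secure" not in attrs:
                findings.append("cookie '%s' lacks Secure" % value.split("=", 1)[0])
    return findings

if __name__ == "__main__":
    samples = [("weak http", "http", WEAK_HTTP), ("good http", "http", GOOD_HTTP),
               ("weak https", "https", WEAK_HTTPS), ("good https", "https", GOOD_HTTPS)]
    for label, scheme, raw in samples:
        print(label, "->", audit(scheme, raw) or "no findings")
```

An HSTS policy only takes effect after the browser has seen it once over HTTPS, so a user's very first visit over plain HTTP is still exposed unless the host is on the browser's preload list.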

Attackers like to set up a rogue access point, especially in public areas. It resembles the legitimate network, so people can easily connect through it. In a banking setup, an attacker can see when a victim is making a funds transfer and alter the destination account number or the amount being transferred.

Although MITM attacks often require proximity to the target, it is also possible to interfere with the routing protocols. The attackers advertise themselves on the internet and claim to be in charge of the IP addresses. The internet then routes traffic for those IP addresses to the attacker, giving them the ability to observe or control your online activities.