What is Man in the Middle Attack? Here are some ways to avoid it


With the development of technology, cyber security is also becoming more complex. The incidence of cyber attacks is increasing day by day all over the world. Lately, there has been a new form of cyber attack called Man in the Middle Attack.

In a man in the middle attack, a third party (the hacker) places themselves between the sender and the receiver, receives everyone's messages (passwords, personal identification information, credit card numbers, conversations, etc.), and passes them on to the receiver after changing them.

Likewise, the message coming back from the receiver is changed before it reaches the sender. This means that the third party can receive all the messages between the sender and the receiver and can also misuse them by changing them to their liking.

How does Man in the Middle Attack work?

A man in the middle attack occurs in two stages. In the first stage, the cyber criminal receives your information before the Internet traffic reaches its destination. This is called interception.

Cybercriminals use IP spoofing, ARP spoofing, DNS spoofing, etc. to accomplish this interception.

The second stage begins once the cyber criminal has succeeded in completing the interception. In this stage, the cyber criminal gets the original content of the traffic using methods such as HTTPS spoofing, SSL BEAST, SSL hijacking and SSL stripping.

This is how to avoid a man in the middle attack

Let’s take the following steps given by the Telecommunication Authority of Nepal to avoid Man in the Middle Attack:

1. To securely transfer your data, send the data encrypted through secure channels.

2. Use Firewall / IPS / IDS on your computer / laptop / mobile and network.

3. Don't use unsafe public WiFi. Use WPA2 / WPA3 mode even on home WiFi and keep WPS disabled.

4. Do online transactions only with the Force TLS plugin (which automatically uses HTTPS) in the browser.

5. Use SSL / TLS / PGP / GPG encryption settings for secure email.

6. Use websites whose URL has HTTPS or a lock icon.

7. Constantly update your software (operating system, application software, browser).

8. Use reputable antivirus to prevent malware or malicious activity on your computer / laptop / mobile device.

9. Don't download unsafe software, apps, freeware. Also, don't use unencrypted / plain text messaging apps.

10. Do not send your password, OTP, bank account number, PIN details by email.



Rabins Sharma Lamichhane
