What is Man in the Middle Attack? Here are some ways to avoid it

With the development of technology, cyber security is also becoming more complex. The incidence of cyber attacks is increasing day by day all over the world. Lately, there has been a new form of cyber attack called Man in the Middle Attack.

In a man in the middle attack, a third party (hacker) gets in between the sender and the receiver, receives everyone’s messages (passwords, personal identification information, credit card numbers, conversations, etc.) and sends them on to the receiver after changing them.

Likewise, the message coming back from the receiver is changed before it is passed to the sender. This means that the third party can receive all the messages between the sender and the receiver and also misuse them by making changes to their liking.

How does Man in the Middle Attack work?

A man in the middle attack occurs in two stages. In the first stage, the cyber criminal receives your information before the Internet traffic reaches its destination. This is called interception.

Cybercriminals use IP spoofing, ARP spoofing, DNS spoofing, etc. to accomplish this interception.

The second stage begins once the cyber criminal has succeeded in intercepting the traffic. In the second stage, the cyber criminal gets the original content of the traffic using methods like HTTPS spoofing, SSL BEAST, SSL hijacking and SSL stripping.
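A defensive check for the ARP spoofing interception step mentioned above, as an added example that is not part of the original article: it parses Linux `ip neigh show` output and flags a MAC address that answers for both the gateway and another host, or a gateway MAC that differs from a pinned value. The sample table, the addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed `ip neigh show` output (Linux); all addresses are made up.
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr aa:bb:cc:00:00:66 REACHABLE
192.168.1.23 dev wlan0 lladdr aa:bb:cc:00:00:23 STALE
192.168.1.66 dev wlan0 lladdr AA:BB:CC:00:00:66 REACHABLE
192.168.1.40 dev wlan0  FAILED
fe80::1 dev wlan0 lladdr aa:bb:cc:00:00:01 router STALE
"""

NEIGH_RE = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(\S+)\s+lladdr\s+([0-9A-Fa-f:]{17})\b"
)

def parse_neigh(text):
    """Return (ip, dev, mac) for IPv4 entries that have a resolved MAC."""
    entries = []
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE and IPv6 lines do not match and are skipped
            ip, dev, mac = m.groups()
            entries.append((ip, dev, mac.lower()))
    return entries

def find_arp_anomalies(text, gateway_ip, pinned_gateway_mac=None):
    """Report two common traces of ARP spoofing in a neighbour table."""
    findings = []
    by_mac = defaultdict(set)
    gateway_macs = set()
    for ip, dev, mac in parse_neigh(text):
        by_mac[(dev, mac)].add(ip)
        if ip == gateway_ip:
            gateway_macs.add(mac)
    # 1. One MAC answering for several IPs, one of them the gateway.
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1 and gateway_ip in ips:
            findings.append(("shared_mac", mac, sorted(ips)))
    # 2. Gateway MAC differs from the value recorded while the network was trusted.
    if pinned_gateway_mac:
        for mac in sorted(gateway_macs - {pinned_gateway_mac.lower()}):
            findings.append(("gateway_mac_changed", mac, [gateway_ip]))
    return findings

if __name__ == "__main__":
    for finding in find_arp_anomalies(SAMPLE_NEIGH, "192.168.1.1", "aa:bb:cc:00:00:01"):
        print(finding)
```

A shared MAC can also be legitimate (for example proxy ARP on a router), so treat a finding as a prompt to investigate rather than as proof.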

This is how to avoid a man in the middle attack

Let’s take the following steps given by the Telecommunication Authority of Nepal to avoid Man in the Middle Attack:

1. To transfer your data securely, encrypt it and send it through secure channels.

2. Use Firewall / IPS / IDS on your computer / laptop / mobile and network.

3. Don’t use unsafe public WiFi. Use WPA2 / WPA3 mode even on home WiFi and keep WPS disabled.

4. Do online transactions only with the Force TLS plugin (which automatically uses HTTPS) in the browser.

5. Use SSL / TLS / PGP / GPG encryption settings for secure email.

6. Use websites whose URL has HTTPS or shows the lock icon.

7. Keep your software (operating system, application software, browser) constantly updated.

8. Use a reputable antivirus to prevent malware or malicious activity on your computer / laptop / mobile device.

9. Don’t download unsafe software, apps or freeware. Also, don’t use unencrypted / plain text messaging apps.

10. Do not send your password, OTP, bank account number or PIN details by email.

Rabins Sharma Lamichhane

Rabins Sharma Lamichhane is a senior ICT professional who talks about #it, #cloud, #servers, #software, and #innovation. Rabins is also the first initiator of Digital Nepal. Facebook: rabinsxp Instagram: rabinsxp