TL;DR
A Man-in-the-Middle (MitM) attack lets someone secretly intercept and potentially change communications between you and a website or service. This guide shows how to protect yourself using HTTPS, strong Wi-Fi security, checking certificates, being careful on public networks, and using VPNs.
1. Understand the Threat
In a MitM attack, an attacker positions themselves between your device and the server you’re trying to reach (like your bank’s website). They can then:
- Read your data (usernames, passwords, credit card details)
- Modify your data (change account numbers in a transaction)
- Impersonate you or the server
These attacks often happen on unsecured Wi-Fi networks.
2. Always Use HTTPS
HTTPS (Hypertext Transfer Protocol Secure) encrypts communication between your device and the website. Look for https:// at the beginning of the web address, and a padlock icon in your browser’s address bar.
- Check before entering sensitive information: Never enter passwords or financial details on websites that don’t use HTTPS.
- Browser Extensions: Use extensions like HTTPS Everywhere to automatically switch you to the secure version of a website when available.
3. Secure Your Wi-Fi Network
Your home Wi-Fi network is your first line of defence.
- Strong Password: Use a strong, unique password for your Wi-Fi, and set the network to WPA2 or WPA3 encryption (these are best). Avoid using easily guessable information.
- Network Name (SSID): Don’t broadcast your network name (hide SSID), although this isn’t foolproof.
- MAC Address Filtering: Allow only known devices to connect to your Wi-Fi based on their MAC address. This is more advanced, but adds extra security.
4. Verify Website Certificates
Website certificates confirm the website’s identity.
- Check the Certificate: Click the padlock icon in your browser’s address bar and view the certificate details. Ensure it is valid and issued to the correct organisation.
- Look for Errors: Pay attention to any warnings about invalid or expired certificates. These could indicate a MitM attack.
Most browsers will warn you automatically if there’s a problem with a certificate.
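The checks behind those browser warnings, written out as an added Python example (not part of the original guide): it tests the validity dates and the name a certificate was issued to, and reads the organisation from the subject. SAMPLE_CERT and the bank.example names are constructed for illustration, and the function names are this example's own.

```python
import socket
import ssl
import time

def hostname_matches(pattern, hostname):
    """Compare a certificate DNS name with the host; '*' may only stand for the whole leftmost label."""
    p, h = pattern.lower().split("."), hostname.lower().split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def organisation(cert):
    """Return the subject's organizationName, or None (domain-validated certificates carry none)."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None

def certificate_problems(cert, hostname, now=None):
    """List the problems a browser warning would report for a getpeercert()-style dict."""
    now = time.time() if now is None else now
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(hostname_matches(name, hostname) for name in names):
        problems.append("name mismatch")
    return problems

def fetch_certificate(hostname, port=443):
    """Fetch a live certificate; the default context verifies chain and name and raises on failure."""
    context = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=5) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()

# Constructed sample in the format returned by getpeercert(); not a real certificate.
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Bank Ltd"),),
                (("commonName", "www.bank.example"),)),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "www.bank.example"), ("DNS", "*.bank.example")),
}
```

An empty list from certificate_problems means the dates and name are in order; fetch_certificate needs network access and raises ssl.SSLCertVerificationError when the chain or name cannot be verified.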
5. Be Careful on Public Wi-Fi
Public Wi-Fi networks are often unsecured, making them prime targets for MitM attacks.
- Avoid Sensitive Transactions: Don’t access banking websites or enter personal information while using public Wi-Fi.
- Use a VPN (Virtual Private Network): A VPN encrypts all your internet traffic, protecting it from eavesdropping even on unsecured networks.
Example of connecting to a VPN from the command line with the OpenVPN client:
openvpn --config /path/to/your/vpn_config.ovpn
6. Use a VPN Regularly
A VPN creates an encrypted tunnel for your internet connection, shielding your data from attackers.
- Choose a Reputable Provider: Select a well-known and trusted VPN service with a strong privacy policy.
- Enable Kill Switch: A kill switch automatically disconnects you from the internet if the VPN connection drops, preventing unencrypted data from being sent.
7. Keep Software Updated
Software updates often include security patches that protect against known vulnerabilities.
- Operating System: Regularly update your computer’s operating system (Windows, macOS, Linux).
- Browser: Keep your web browser up to date.
- Antivirus/Security Software: Use and regularly update antivirus or internet security software.