Man-in-the-middle attacks are a specific type of hacker attack: the attacker reads or manipulates unencrypted data shared between the victim’s computer and the server. The “man in the middle” often obtains access over open WLAN connections.
In man-in-the-middle attacks, the victims often do not realise that they are being watched. In practice, this electronic eavesdropping can take place in different ways. The attackers have it easy if the victim is surfing on a WLAN network which is not password protected: The attacker scans the network for connected computers or smartphones and detects the victim’s device using a “sniffer”. This is a software programme which trawls through networks and flags up the required information for the individual devices.
Attackers deceive their counterparts
To carry out the attack itself hackers can, for example, pretend to be the victim, by giving the router the same “address” as the victim. This allows the attacker to obtain a copy of all information exchanged by the victim with the server. Alternatively, the attacker can set up a spoof WiFi network to which the victim’s device links. This allows the attacker to access all the data. Unfortunately, these man-in-the-middle attacks are almost impossible to detect. Superior protection is offered by well-set-up virtual private networks (VPN) and the use of Transport encryption (https) wherever possible. This sends data via secure transport links and ensures better protection against attacks.