Man in the Middle

A Man in the Middle attack (MITM) is where a malicious actor intercepts internet traffic on a network, to eavesdrop on the data being sent. This could be used to obtain any sensitive information that is sent unencrypted over the network, corrupt the data or simply spy on the victim to determine what websites are being browsed to.

An Evil twin access point is where a hacker will set up a rogue network with the same network name (i.e. Free WiFi). Software will then be used to kick the devices connected off the legitimate network in the hopes that they will connect to the rogue network with the same name. This type of attack is used on public networks (coffee shop, hotel, library) as these networks generally do not contain a password and have numerous people browsing at the same time.

Once the victim has connected to the malicious Wi-Fi network, the threat actor can manipulate the victim’s internet traffic, for example to capture payment information, account credentials, or redirecting the user to malicious websites.

If internet access is needed on the go, it is advised to tether to your mobile device instead of using the public networks. If you must use a public Wi-Fi network, you should consider the use of a Virtual Private Network (VPN). A VPN will encrypt all traffic between yourself and the websites you are connecting to, this makes it very difficult for a malicious actor to determine the website visited and any information exchanged.