A virtual private network (VPN) runs interference for internet users who want to:
• protect their online privacy through location masking
• bypass geo-blocking and internet censorship by routing their connection to other “fake” locations
• bolster their overall internet security posture with defences against man-in-the-middle (MITM) attacks, for example.
Learn more about the details of VPN and its capabilities, on the linked Surfshark webpage.
What follows is a recap of MITM attack strategies and how a VPN, in partnership with other defensive means, can protect the user online.
How the MITM attack works
A man-in-the-middle attack occurs when a hacker gets in the middle of a two-party transaction on the web. The MITM impersonates either or both parties and gains access to the information they are transacting. Hidden from the victims, the MITM uses the hijacked or intercepted data for fraudulent or nefarious purposes.
MITMs can result from phishing scams
In one MITM scenario, the victim receives a bogus email from what appears to be a bank. It looks legitimate, and warns the user that his/her bank account may have been compromised. The user clicks on a link in the email and loads what appears to be a valid website. The user logs in and performs a requested task, usually involving disclosing the personal information required to enter the account. The link in the email is to a bogus and often realistic-looking website. When the user gives up his or her user name and password/PIN, only bad things can happen.
How hackers deploy MITM attacks
A VPN won’t immunise the user from phishing attacks, but it can protect against online stalkers, who employ a variety of technical hacks. For example, a hacker running surveillance on an unprotected public Wi-Fi server could listen in and quietly spy on someone doing an online banking transaction or conducting private financial business. The MITM attacker steps in live and can do great financial harm to the victim.
The MITM hijacks a live session through:
• Deploying rogue Wi-Fi networks, or so-called “evil-twin” hijacking. A user logs into an unsecured public Wi-Fi network. The MITM intercepts the connection and routes the user to a bogus network and begins gathering the user’s credentials. To carry that out, hijackers must use:
• Domain Name Server (DNS) spoofing to route the user to fake websites.
• Employing a “web pineapple” device to access unsecured networks
• Stealing session cookies through so-called sidejacking. Those cookies could consist of unencrypted login information, even if the site was otherwise secure. For example, a user might log into a webmail account when an intruder intercepts a browser login cookie. The user’s webmail account is compromised.
• Installing open-sourced software to spy on the user. Malicious software can “sniff out” online activity and intercept the data going to and from the unsuspecting user.
• Spoofing a web application. The MITM redirects a user to a bogus web application controlled by the attacker.
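The sidejacking case above, where a login cookie leaks even though the site is otherwise secure, comes down to whether the cookie carries the Secure attribute. The check below is an added example, not part of the original article; the header values, cookie names and function names are constructed for illustration.

```python
# Added example: find cookies that a listener on shared Wi-Fi could capture.
# All header values below are constructed samples, not captured traffic.

SAMPLE_HEADERS = [
    "webmail_session=7f3a9c; Path=/; HttpOnly",            # no Secure
    "prefs=dark; Path=/; secure",                          # no HttpOnly
    "sid=b41e02; Path=/; Secure; HttpOnly; SameSite=Lax",  # both present
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (cookie name, lower-cased attribute dict)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit(headers):
    """Map each cookie name to the protective attributes it lacks."""
    report = {}
    for header in headers:
        name, attrs = parse_set_cookie(header)
        missing = [a for a in ("Secure", "HttpOnly") if a.lower() not in attrs]
        if missing:
            report[name] = missing
    return report


def exposed_on_http(headers):
    """Names of cookies a browser will also send over unencrypted HTTP."""
    return [name for name, missing in audit(headers).items() if "Secure" in missing]


if __name__ == "__main__":
    for name, missing in audit(SAMPLE_HEADERS).items():
        print(f"{name}: missing {', '.join(missing)}")
```

A site operator can run this over the Set-Cookie headers of a login response; any session cookie it reports as lacking Secure should be reissued with that attribute.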
How to protect against MITM attacks
Install and employ VPN on mobile devices
The best protection is to never connect to public Wi-Fi routers “in the open.” Instead, install and use a stand-alone version of VPN like Surfshark. The VPN encrypts the user’s internet connection and protects the data the user sends and receives. Even if intercepted, data funnelled through a VPN connection cannot be decoded.
Secure the home router with VPN
Rather than equipping every device on a home network with a VPN, the better approach is to install VPN firmware on the network router. The router is the single security guardian for each device. Every device, VPN-compatible or otherwise, is protected. (See the Surfshark blog, seven reasons why you need a VPN for your router.)
Upgrade to VPN-ready routers
In the never-ending war of leapfrog between hacker threats and countermeasures, upgrading to a VPN-equipped router is a more secure way of connecting to the web. The Surfshark blog, The Top 10 VPN Routers for 2019, is a review of top VPN routers for homes. To make this list, the routers had to be VPN ready and easy to set up. Also, evaluators looked for robust internet connections and performance not affected by VPN encryption and routing.
Be aware that cryptocurrency transactions can be hacked
With the increasing online commerce in cryptocurrencies like bitcoin, traders and miners should also employ VPN. The distributed ledgers provided by blockchain technology are secure and can only be accessed through a combination of public and private encryption keys. The weak link in blockchain is that if the user’s private key is hijacked, the bitcoins can be hijacked without a trace. Hackers can use a variety of tools to steal keys, and they usually do it through social engineering or simple cryptojacking hacks and bots. Adding a VPN as another layer in web financial transactions can keep those transactions private and secure.
Avoid “free” VPN providers
There are many free VPN providers available. They typically provide connection encryption and could offer a temporary solution for users who only need protection for a short time. On the other hand, they can slow down internet performance, and some free VPN servers come with loads of intrusive ads. Also, free VPN services that employ user logs could be monitoring users’ web activity. All that web activity logging is a treasure trove for web analytics and statistical trend monitoring. Marketers, who buy the data, target consumer activity and demographic trends, and they get it from ISP providers, who got it for free.
VPN isn’t the total solution
Cybercriminals have a host of strategies to carry out their anonymous assaults against the integrity of the internet. VPN is a valuable defence against those threats, but it should be accompanied by a total approach to online security; to wit:
• remaining on guard against potential phishing emails asking the user to update entry credentials
• installing a comprehensive internet security solution with malware/anti-virus detection, and ad blockers like Whitlister.
• ensuring that website visits are to those with a URL address beginning with “HTTPS”
Conclusions and summary
• Using a VPN disguises the user’s IP address and country location to bypass geo-blocking and internet censorship.
• VPN is also effective against man-in-the-middle attacks and for protecting online cryptocurrency transactions.
• Hackers deploy online eavesdropping and data theft through a variety of methods, including deploying rogue Wi-Fi networks, which snare unprotected users on public Wi-Fi networks.
• Protection strategies against MITM attacks include installing a VPN on mobile devices and on the home router. When upgrading a home router, users should consider VPN-ready routers.
• Finally, a VPN should be included as part of an overall strategy to protect the user’s online identity and activity.