Man in the Middle (MitM) attacks have been around since the dawn of time. The principle is simple – a bad guy inserts himself into the middle of a conversation between two parties and relays their messages to each other, without either party being aware of the third person. In an internet context, this means the middle party has the ability to read everything sent by either party and also to alter it.
How does a Man in the Middle attack work?
In days of yore the phrase referred to a literal person in the middle. General Bob would dispatch his messenger on horseback to tell Colonel Alice to attack the left flank. Lady Mallory, an evil (wo)man in the middle, would waylay that messenger and steal the message. She’d then change the message to Colonel Alice, instructing her to fall back, and send a response back to General Bob acknowledging the original flanking orders. Shortly thereafter, General Bob loses the war in a stunning tactical embarrassment because his left flank was completely unprotected.
Internet MitM attacks take the same form. A common MitM attack is for Mallory to set up a fake wireless access point in a public location, a coffee shop for example. She gives the fake access point a legitimate-sounding name such as ‘coffeeshop-customer-free-wifi’ and before long customers start connecting to that access point instead of the legitimate one. At that point, Mallory has inserted herself into the data stream between your device and the internet at large, and can capture all of your traffic. If you’re not using encryption, that also means Mallory can now read all of your traffic and potentially modify it.
Some possible outcomes of this interception are:
Session hijacking: Consider the case where you’re using webmail to send email. When you logged in to your webmail, Mallory grabbed a copy of your authentication cookie when it was sent to your browser, and now she can use that cookie to access your webmail as well.
Note: In previous articles I’ve described how the web actually works, versus how we are told it works. We do not “log on” to websites. Rather, our browser requests the website, which is then sent to our local computer. We then enter our login credentials, which are sent to the website server. If the credentials are correct, the website will respond with some kind of authentication token, usually a cookie. When we make further requests from our computer, that cookie is sent along with those requests so that the website knows who we are and doesn’t make us log in every time we want to go to another page. That cookie is a sensitive token and is valuable if stolen.
Replay attack: Mallory can perform a replay attack. Since she has all of your data, it’s possible to ‘replay’ something you’ve done. For example, if you’ve transferred 100 Runescape credits to your friend, re-sending the packets that comprised that original transfer may cause another transfer and you’re now out 200 credits.
Altered content: Back to the webmail example, perhaps you’re instructing your lawyer to withhold the funds of a recent legal transaction. Since Mallory has all the packets comprising that email, she can change the word ‘withhold’ to ‘release’ and cause all sorts of confusion. This is a popular type of MitM attack that we’ve seen used in Kodi Media Center add-on attacks, and it is also the fictional attack Mallory used to bring down General Bob.
Missing content: Another variant of altered content is to cause content to simply disappear altogether. Perhaps you’re waiting for some signal to do something. Mallory can make sure it never arrives.
What protections exist to prevent Man in the Middle attacks?
Despite the endless ways in which these attacks can play out, there are really only a few things that are exploited over and over. In order to protect against MitM attacks, the following must exist:
Non-repudiation: The message came from the person or device it says it came from.
Message Integrity: The message has not been altered since it left the sender’s control.
Keep in mind that the word ‘message’ is being used generically to refer to many concepts such as complete emails, or data packets lower in the stack. The same concepts apply, regardless of the type of data.
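The two requirements above, together with the replay and altered-content scenarios described earlier, can be demonstrated in a few lines. The following is an added example, not code from the original article: a shared-key HMAC tag over each message gives integrity (Mallory can change ‘withhold’ to ‘release’ but cannot produce a valid tag without the key), and a strictly increasing sequence number lets the receiver reject a replayed copy of a message it has already accepted. The shared key, the message bodies and the `Receiver` class are all constructed for the demonstration; in a real protocol the key would come from a key exchange such as the TLS handshake.

```python
import hmac
import hashlib
import json

# Constructed shared secret for the demonstration only. In practice this would be
# a per-session key agreed during a handshake, never a hard-coded value.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def _canonical(seq: int, body: str) -> bytes:
    """Serialise (seq, body) deterministically so sender and receiver tag identical bytes."""
    return json.dumps({"seq": seq, "body": body}, sort_keys=True).encode()


def sign_message(key: bytes, seq: int, body: str) -> dict:
    """Produce an authenticated message: body plus sequence number, tagged with HMAC-SHA256."""
    tag = hmac.new(key, _canonical(seq, body), hashlib.sha256).hexdigest()
    return {"seq": seq, "body": body, "tag": tag}


class Receiver:
    """Verifies integrity and rejects replays by requiring strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1
        self.accepted = []

    def receive(self, msg: dict) -> str:
        expected = hmac.new(self.key, _canonical(msg["seq"], msg["body"]), hashlib.sha256).hexdigest()
        # compare_digest is a constant-time comparison, so tag checking leaks no timing information.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: integrity check failed"
        # A sequence number at or below the last accepted one is a replay (or a reordered duplicate).
        if msg["seq"] <= self.last_seq:
            return "rejected: replay"
        self.last_seq = msg["seq"]
        self.accepted.append(msg["body"])
        return "accepted"


def demo():
    """Walk through the article's scenarios: legitimate send, altered content, replay, next message."""
    lawyer = Receiver(SHARED_KEY)
    original = sign_message(SHARED_KEY, 1, "withhold the funds")
    results = [lawyer.receive(original)]
    # Mallory alters the content but cannot recompute the tag without the key.
    tampered = dict(original, body="release the funds")
    results.append(lawyer.receive(tampered))
    # Mallory replays the unmodified original packets; the sequence number gives it away.
    results.append(lawyer.receive(dict(original)))
    # A fresh, correctly numbered message from the real sender still gets through.
    results.append(lawyer.receive(sign_message(SHARED_KEY, 2, "transfer 100 credits")))
    return results, list(lawyer.accepted)


if __name__ == "__main__":
    print(demo())
```

The sequence counter is the simplest anti-replay state; real protocols use the same idea in the form of TLS record sequence numbers or per-request nonces, and they bind the counter into the authenticated data exactly as `_canonical` does here, so Mallory cannot renumber a captured message either.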
Ways in which to avoid becoming a victim of a MitM attack include:
Use HTTPS wherever possible
Seeing HTTPS in your browser address bar ensures that your connection to the website is encrypted. It doesn’t mean you should trust that website any more than any other, it just means your data is encrypted as it travels between your device and the site. Malicious websites can play a part in setting you up for a MitM attack, so it pays to be cautious about every website you visit to make sure it is legitimate to begin with.
HTTPS uses Transport Layer Security (TLS).
Note: TLS is almost universally, and incorrectly, referred to as SSL (Secure Sockets Layer). SSL is a predecessor to TLS but the name seems to have stuck.
TLS and HTTP work together to produce HTTPS which provides encryption and non-repudiation. When your browser first connects to an HTTPS site, it negotiates with the server. During that process the browser examines the server’s certificate to validate that it is connecting to the site it thinks (non-repudiation) and also generates a set of session encryption keys. Those keys are used throughout the subsequent session to encrypt data which in turn ensures message integrity.
For Mallory to successfully alter data being sent from the server to you, she would have to be in possession of both the browser and server session keys, neither of which is ever transmitted. That implies she would have to have control over both the client and server, and if that were the case it would not be necessary to mount a MitM attack in the first place.
There are browser plugins that will force your browser to use HTTPS whenever it is available on a site. Since many sites support HTTPS, but are not necessarily configured to force browsers to use it, plugins like this can help a lot.
Use a browser that supports Public Key Pinning
Some MitM attacks can be very elaborate. Since a great deal of protection stems from TLS and encryption, and since encryption is hard to break, it can be easier for advanced attackers to mimic a website instead. For example, TLS certificates are trusted by browsers because they are signed by Certificate Authorities (CAs) that the browser trusts. If Mallory successfully compromises a CA then she can issue valid certificates for any domain, and those certificates will be trusted by web browsers. Once Mallory can successfully impersonate a legitimate website, the only remaining challenge is to get users to visit that site through standard phishing techniques.
This was the case in 2011 when the Dutch CA DigiNotar was compromised and certificates were created to trick a large number of Iranian Gmail users into giving up their Google usernames and passwords.
HTTP Public Key Pinning (HPKP) is a method whereby website owners can inform browsers which public keys the website will use. If a browser visits that site and is presented with some other public key that is not on the list, that is an indicator that the site, or at least the TLS certificate, is not valid.
Pinning has to be done by the server owner, but you can protect yourself as a user by using a browser that supports Public Key Pinning. As of this date, Firefox (version 32), Chrome (version 56), and Opera (33) support it; Internet Explorer and Edge do not. Firefox has a setting in about:config named security.cert_pinning.enforcement_level (value 1) which allows you to disable HPKP, but why would you? If you want to test whether your browser supports HPKP, visit this HPKP test URL. It presents HPKP headers and an invalid public key. If your browser supports HPKP, it will display an error message.
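To make the pinning check concrete, here is an added example (not code from the article or from any browser) of what a browser does with a Public-Key-Pins header: parse the `pin-sha256` values, compute base64(SHA-256(SubjectPublicKeyInfo DER)) for each key in the presented certificate chain, and accept only if at least one matches, as RFC 7469 specifies. The SPKI byte strings below are constructed stand-ins, not real keys; a real browser hashes the DER-encoded SubjectPublicKeyInfo taken from each certificate. One caveat for current readers: the major browsers have since removed HPKP support, so this is the mechanism as it worked at the time of the article.

```python
import base64
import hashlib
import re


def parse_hpkp(header_value: str) -> dict:
    """Parse a Public-Key-Pins header value into its pin set and directives."""
    pins = re.findall(r'pin-sha256="([^"]+)"', header_value)
    max_age = re.search(r"max-age=(\d+)", header_value)
    return {
        "pins": set(pins),
        "max_age": int(max_age.group(1)) if max_age else 0,
        "include_subdomains": "includesubdomains" in header_value.lower(),
    }


def spki_pin(spki_der: bytes) -> str:
    """An HPKP pin is base64(SHA-256(SubjectPublicKeyInfo DER))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()


def chain_matches_pins(chain_spkis, pins) -> bool:
    """RFC 7469 validation: some certificate in the chain must carry a pinned key."""
    return any(spki_pin(spki) in pins for spki in chain_spkis)


# Constructed stand-ins for DER-encoded SubjectPublicKeyInfo blobs.
LEGIT_SPKI = b"constructed-spki-of-the-site's-current-key"
BACKUP_SPKI = b"constructed-spki-of-the-site's-offline-backup-key"
MALLORY_SPKI = b"constructed-spki-of-a-key-issued-by-a-compromised-ca"


def demo():
    """Build the header a site owner would publish (one current pin plus a backup pin,
    as RFC 7469 requires), then check a legitimate chain and an impersonating chain."""
    header = (
        f'pin-sha256="{spki_pin(LEGIT_SPKI)}"; '
        f'pin-sha256="{spki_pin(BACKUP_SPKI)}"; '
        "max-age=5184000; includeSubDomains"
    )
    policy = parse_hpkp(header)
    # Mallory's certificate may be validly signed by a trusted CA, but its key is not pinned.
    legit_ok = chain_matches_pins([LEGIT_SPKI, b"constructed-intermediate-spki"], policy["pins"])
    mallory_ok = chain_matches_pins([MALLORY_SPKI, b"constructed-intermediate-spki"], policy["pins"])
    return policy["max_age"], policy["include_subdomains"], legit_ok, mallory_ok


if __name__ == "__main__":
    print(demo())
```

Note the order of checks in a real browser: the chain is first validated against the CA store in the ordinary way, and pinning is an additional test on top. That is exactly why pinning helps in the DigiNotar case, where the attacker's certificate passed the CA check.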
Use a Virtual Private Network (VPN)
A VPN creates an encrypted tunnel between your device and the VPN server. All of your traffic goes through this tunnel. This means that even if you are forced to use a non-HTTPS site, or even if you’ve been tricked into using a malicious wifi access point, you still maintain some degree of protection against MitM.
Consider the wifi access point issue. If you’ve connected to Mallory’s fake access point, Mallory will be able to see all your traffic. But, since all your traffic is encrypted when using a VPN, all she gets is a bunch of unreadable encrypted blobs which provide very little data. Using a VPN all the time is a good idea, but using it in sketchy situations such as public wifi is a must.
Use a browser that supports HTTP Strict Transport Security (HSTS)
HTTPS is a very good step towards preventing MitM attacks on the web, but there is a potential weakness there as well. In order for a website owner to force visitors to use HTTPS, there are two options. The first is to simply shut down the unencrypted HTTP port 80 altogether. This means that people attempting to reach the site using http:// will get nothing and the request will just time out. Most website owners don’t want their visitors to have this negative experience, so instead they leave port 80 open but only use it to send an HTTP 301 redirect telling browsers to go to https://.
In practice, this works well, but there is an opportunity for an attacker to execute a Downgrade Attack during that redirect. A downgrade attack can force a web server to use weaker cryptographic ciphers, which makes a subsequent MitM attack easier. Websites that employ HSTS send headers to the browser during the very first connection that direct the browser to use HTTPS. The browser then disconnects the existing session and reconnects using HTTPS. While this may seem like a small difference, it greatly lessens the attack vector of the standard HTTP to HTTPS redirect. Almost all modern browsers support HSTS, but there are a lot of browsers on the market, so it pays to confirm that your specific browser supports it.
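The browser-side half of HSTS is small enough to model in full. The following is an added example (not code from the article or from any browser) of the HSTS store described in RFC 6797: it records the host and `max-age` from a Strict-Transport-Security header, honours `includeSubDomains`, drops expired entries, and rewrites `http://` URLs for known hosts to `https://` before any request is sent, so there is no plaintext redirect for Mallory to interfere with. The `HstsCache` class, the fake clock and the host names are constructed for the demonstration. One caveat worth knowing: browsers only honour the header when it arrives over HTTPS, so the very first visit to a site still relies on the redirect unless the site is on the browser's built-in preload list.

```python
import re
import time
from urllib.parse import urlsplit, urlunsplit


class HstsCache:
    """Minimal model of a browser's HSTS store (RFC 6797 section 8)."""

    def __init__(self, now=time.time):
        self.now = now            # injectable clock so expiry can be tested deterministically
        self.entries = {}         # host -> (expiry_timestamp, include_subdomains)

    def observe(self, host: str, header_value: str) -> None:
        """Record a Strict-Transport-Security header received over an HTTPS connection."""
        m = re.search(r"max-age=(\d+)", header_value, re.I)
        if not m:
            return                # malformed header: ignore, per the RFC
        max_age = int(m.group(1))
        host = host.lower()
        if max_age == 0:
            self.entries.pop(host, None)   # max-age=0 tells the browser to forget the host
            return
        include_sub = re.search(r"includeSubDomains", header_value, re.I) is not None
        self.entries[host] = (self.now() + max_age, include_sub)

    def is_known(self, host: str) -> bool:
        """True if host (or a parent with includeSubDomains) has an unexpired entry."""
        host = host.lower()
        for known, (expiry, include_sub) in self.entries.items():
            if expiry <= self.now():
                continue
            if host == known or (include_sub and host.endswith("." + known)):
                return True
        return False

    def rewrite(self, url: str) -> str:
        """Upgrade http:// to https:// for known hosts before the request leaves the browser."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self.is_known(parts.hostname or ""):
            netloc = parts.netloc
            if netloc.endswith(":80"):
                netloc = netloc[:-3]          # explicit default port would be wrong for https
            return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))
        return url


def demo():
    """First visit, then a visit after the header was seen, a subdomain, an unrelated host, and expiry."""
    clock = [1_000_000.0]
    cache = HstsCache(now=lambda: clock[0])
    before = cache.rewrite("http://example.com/login")            # no entry yet: stays http
    cache.observe("example.com", "max-age=31536000; includeSubDomains")
    after = cache.rewrite("http://example.com/login")
    sub = cache.rewrite("http://mail.example.com:80/inbox")
    other = cache.rewrite("http://example.org/")
    clock[0] += 31536001                                           # entry has expired
    expired = cache.rewrite("http://example.com/login")
    return before, after, sub, other, expired


if __name__ == "__main__":
    print(demo())
```

The `before` result is the point of the caveat above: until the browser has seen the header once over HTTPS (or has the host preloaded), an attacker on the path still gets one chance at the plaintext request.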
Inelegant MitM attacks
It’s also worth noting that some MitM attacks are quite inelegant and basic. For example, without much technical expertise at all, Mallory could set up two email addresses that closely match Alice’s and Bob’s and then start a conversation with one of them, purporting to be the other. Since many email clients only show the sender’s display name and not the actual email address, this ruse works more often than it should. It will then be possible for Mallory to operate both mailboxes and remain in the middle of the conversation indefinitely.
The best defence against this type of MitM attack is to be vigilant. Look for telltale signs such as uncommon language and hover over the sender’s email address to be sure it is legitimate.
Examples of known MitM attacks
I’ve touched on MitM wifi and replay attacks already, but there’s almost no limit to how general MitM techniques can be used as an attack. Any process that has two or more parties communicating (spoiler: that’s everything) has the right stuff for a bad guy to inject himself into the middle.
ARP Poisoning: The Address Resolution Protocol is the unsung hero of IP networking that ensures packets arrive at the exact network card they’re destined for. Once a packet enters the destination LAN, the delivering device needs to know the Media Access Control (MAC) address of the network card it’s destined for. That is accomplished by an ARP who-has request that asks every computer on the local network “who has” the packet’s destination IP address. In theory, the network card assigned that IP address responds with its MAC address and the packet gets delivered. In practice, there is no authentication built into the ARP protocol, so Mallory could respond that she has that IP and the traffic will be delivered to her. To make this attack a bona fide MitM, she’d then have to also ensure the packet is forwarded to its correct MAC address as well.
Port Stealing: This is an advanced attack that can be used on larger networks that employ network switches. Switches contain a Content Addressable Memory (CAM) table which records the relationships between the MAC addresses of the network cards they service and the corresponding switch ports. If no other security is configured, the CAM table is dynamically built and rebuilt with every packet the switch sees. An attacker can spoof a packet with a victim’s MAC address and the switch will record that association. This means that subsequent packets destined for the victim will be sent to the attacker instead.
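Both of the attacks just described leave a visible footprint for a defender: an IP address whose claimed MAC changes (ARP poisoning), or a MAC address that keeps moving between switch ports (port stealing). The following is an added example, not code from the article, of the kind of detection logic tools such as arpwatch apply to ARP traffic, extended here to CAM-table learning events as well. The ARP replies and switch events are constructed samples; in practice they would come from a packet capture on the LAN and from the switch's MAC-move logs or SNMP tables.

```python
from collections import defaultdict

# Constructed sample of ARP replies as a LAN monitor might record them:
# (timestamp_seconds, sender_ip, sender_mac)
ARP_REPLIES = [
    (100, "10.0.0.1", "aa:bb:cc:00:00:01"),   # the gateway answering normally
    (101, "10.0.0.7", "aa:bb:cc:00:00:07"),
    (160, "10.0.0.1", "aa:bb:cc:00:00:01"),
    (161, "10.0.0.1", "de:ad:be:ef:00:99"),   # same IP now claimed by a different MAC
    (162, "10.0.0.1", "de:ad:be:ef:00:99"),
]

# Constructed switch CAM-table learning events: (timestamp_seconds, mac, port)
CAM_EVENTS = [
    (100, "aa:bb:cc:00:00:07", 3),
    (150, "aa:bb:cc:00:00:07", 3),
    (200, "aa:bb:cc:00:00:07", 12),           # victim's MAC suddenly learned on another port
    (201, "aa:bb:cc:00:00:07", 3),            # real host talks again, entry flips back
    (202, "aa:bb:cc:00:00:07", 12),           # and is stolen once more
]


def detect_arp_conflicts(replies):
    """Flag IPs whose claimed MAC changes: arpwatch-style 'changed ethernet address' alerts."""
    seen = {}        # ip -> last MAC that claimed it
    alerts = []
    for ts, ip, mac in replies:
        prev = seen.get(ip)
        if prev is not None and prev != mac:
            alerts.append(f"{ts}: {ip} changed from {prev} to {mac}")
        seen[ip] = mac
    return alerts


def detect_port_flaps(events, window=60, threshold=2):
    """Flag MACs that move between switch ports at least `threshold` times within `window` seconds.

    A single move is normal (a laptop re-plugged); rapid back-and-forth between two ports is the
    signature of an attacker and the real host both sourcing frames with the same MAC."""
    moves = defaultdict(list)   # mac -> timestamps of recent port changes
    last_port = {}
    alerts = []
    for ts, mac, port in events:
        prev = last_port.get(mac)
        if prev is not None and prev != port:
            moves[mac] = [t for t in moves[mac] if ts - t <= window] + [ts]
            if len(moves[mac]) >= threshold:
                alerts.append(f"{ts}: {mac} moved {len(moves[mac])} times in {window}s (port {prev} -> {port})")
        last_port[mac] = port
    return alerts


if __name__ == "__main__":
    for line in detect_arp_conflicts(ARP_REPLIES) + detect_port_flaps(CAM_EVENTS):
        print(line)
```

A DHCP lease or a replaced network card will also trigger the ARP alert once, so the usual practice is to correlate against a known inventory; the port-flap detector is the more specific signal, and it maps directly onto what switch features such as port security enforce when they lock a MAC to a port.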
MitM attacks are very hard to detect and there are no “silver bullet” defences against them. Largely, this inability to completely defend against MitM attacks stems from the fact that there is almost no end to the types of attacks a bad guy can think up. The process of getting a packet of data from your computer to a server somewhere on the internet involves many protocols, many applications, and many devices like routers and switches, all of which have the potential to be exploited. The best you can do is to become “high hanging fruit” and take steps to make it harder to become the victim of a MitM attack. Most attacks are aimed at large numbers of people in order to provide the greatest potential for success. Unless you’re being specifically targeted by an adversary, the steps in this article should provide a good defence.