Man in the Middle Attacks

By Simon Batt / Secret Coding for Children / February 2019 Issue

How hackers can steal the messages you send over the internet, and how to tell if your communications are secure.

If you’ve tried some of the codes we explored in past issues, you’ll know how good they are at keeping messages secret until they reach the intended recipient. As long as both you and your friend have the key that decrypts the code, your message can fall into anyone’s hands and they’ll have no idea what it says. This keeps the contents secure until it reaches the intended recipient.

While making codes to share with your friends may seem dated or ‘novel’, it’s still used to this very day. In fact, if you’ve ever used the internet, there’s a very high chance you’ve already engaged in encryption; you just never performed it yourself!

When you send and receive data from the internet, you do so using ‘packets’. These are little bundles of data that carry things to and from your computer. From giving a website your login information to getting streamed video data from YouTube, you’re constantly sending and receiving data via these packets when you use the internet.

Just like sending a message to someone else in the real world, sending packets over the internet has its privacy issues. There’s a kind of attack called the ‘man in the middle’ attack, where a nasty hacker reads packets going over a network and extracts data from them. If someone is sending their username and password over an unencrypted packet, the hacker will have all of their login details without the victim even realising!

Thankfully, we have ways to stop ‘man in the middle’ attacks from happening. One way to achieve this is to encrypt the packets being sent between two computers. Thankfully, you don’t need to lift a finger; there’s a good chance all the sites you’ve visited before have done this for you!

Have you ever noticed that some websites you visit start with “http://” and others start with “https://”? The ‘HTTP’ stands for HyperText Transfer Protocol, and the additional ‘S’ stands for Secure. Regular HTTP is used when the site isn’t handling important information, but the moment sensitive data comes into play (like your login details!), the connection becomes secure to protect your data. If you’ve paid close attention, you’ll notice that ‘https’ appears when you visit a site where you have to enter sensitive information; this is the additional ‘secure’ layer kicking into action.

Unlike regular HTTP, HTTPS uses an encrypted connection. This works very similarly to the messages you send your friends! Your computer and the receiving computer agree on a secret encryption code to work under. Then, they start sending each other packets using this encryption. If a hacker manages to ‘catch’ a packet, all they’ll see when they open it up is encrypted data, much like how anyone who reads your secret messages would see only gibberish.

People who want to secure their sites with HTTPS must first buy a special certificate called an SSL (secure sockets layer) certificate. This certificate verifies that the website is who they claim to be, and isn’t trying to trick people. Once a website has this special certificate, they can use HTTPS as long as that certificate is valid.

If you want to avoid ‘man in the middle’ attacks, it’s a good idea to only enter your personal details on sites that use HTTPS. It’s very easy to check; just take a look at your address bar for ‘https’ at the start, and a little padlock icon to the left. Likewise, if something went wrong with the HTTPS service (for example, their certificate is out of date), the browser will display an error saying the site isn’t as secure as it’s claiming, and that your details are at risk.

Learn More

Simon Batt

Simon Batt is a UK-based tech enthusiast and all-around geek. His favourite things are cups of tea, cats, and new gadgets, even though they never mix well.

View all posts