Man in the Middle Attack

It’s basically a type of attack in which attacker is sitting between you and who you’re talking to. For example, Alice and Bob are talking to each other and another person, let’s say, Marina, intercepts their messages. Some example of this type of attack is Active eavesdropping, Arp Cache Poisoning.

In the worst scenario, she even can change Alice entire message and then send it to latter. So what is the solution for this type of attack? The answer is Encryption.

Encryption basically means that whatever messages Alice is sending to Bob is jumbled up and hashed in a way nobody can get the meaning. There is two type of Encryption- Symmetric and Asymmetric.

Symmetric Encryption uses the same key on both sides. Let’s say, Alice and Bob are using Symmetric encryption and they shared the key and start talking to each other but the problem is if the key goes in wrong hand then whoever has the key can intercept their message and that’s how the man in the middle attack happen most of the times.

To solve the problem of symmetric encryption, we got Asymmetric encryption. In this encryption, we have two type of keys- Private and public key. The private key is the key that is to keep private and nobody gonna access to it and the public key is that key that everybody has access to.

So, if an attacker wants to decrypt the information that you sent to somebody, he/she needs receiver private key and he never gets private key and the problem solved.

Thank you for reading ūüôā

Cybersecurity world

In the age of Information Technology and Internet Of Things(IOT), we have seen a lot of cyber attacks. So let me first tell you how this occurs? Cyber attacks mostly happen because of user carelessness, and not because of vulnerabilities in system or software.  Cyber attacks can affect normal users, patients in hospitals and can even threaten the National Security. Recent Ransomware attack is the biggest example. In IOT world, we have a lot of problems.  As numbers of connected devices increase, they become more vulnerable to attack.

In India, Cyber attack is one of the most concerning issues but not many steps have been¬†taken to fix it. One of the¬†recent and popular Cyber attack happened in 2012 or 2013 where Northern Grid failed due to a software bug in its relay and because of all relays in India are interconnected, other relays¬†also failed and millions of people were left in the dark. We had also seen SBI Cards breach in around 2015, this was because of bank ATM’s were still using basic Window XP or Window 7. After that, Bank had to reissue all the compromised cards to its users which cost the bank millions of rupees.

Mobile users are also increasing in India. If I ask someone, do you know how to use a mobile phone? Most of the time,¬†I get a reply that it comes¬†naturally¬†to me. Don’t take it lightly because someone might be using it as Bot for the DDoS¬†attack or maybe it’s spying on you.When in countries like India, Internet¬†users are increasing every day, Security awareness should also be given to users because it’s the first step to ensuring user privacy is maintained.

And lastly, a few tips from my side to ensure that privacy is maintained or your data is not compromised

  1. Never download a untrusted or low rated app on your phone.
  2. Never use open wifi.
  3. Always use different passwords for different websites.
  4. Always use strong and long passwords as much as possible.
  5. Always use a paid anti-virus, whether you’re using Linux or window.

Thank for reading ūüôā