Man in the Middle Attack ( MITM ) on Mobile Applications

Businesses have known for a long time that there always are weak links in security, especially mobile security. The worse part is not that businesses get affected by these security issues, but the fact that public awareness is terribly low on how vulnerable this can be. The man in the middle attack has been one of the most exploited ways hackers have tried and managed to steal information and money.

What is Man in the Middle attack ( MITM )?

When an attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other, it is called 'man in the middle' attack. In simple words, a third person tries to break a connection between two people without them realizing this and is thus able to sniff and retrieve communication between them.

In fact, public WiFi networks have been the best playground for hackers to perform a man in the middle attack. In recent times, there has been a steep increase in the frequency as well as the severity of such kind of attacks. In simple words, by listening in and intercepting a mobile device's traffic, hackers can get access to the data flowing to and from the mobile device and hence can gather sensitive information.

As mentioned before, the worse part of this is that public awareness about this is very low and hence when such things happen, the final effect is on enterprises and it can be terrible. If you are wondering how your business gets affected by this then listen to this. If employees are careless about their information or data in public wifi network on their personal devices, you can be sure it's the same happening on their work devices. This becomes scarier if their personal and work device is the same!

Appknox Appgrader

How Safe is Your Data?

The data which is in transit and travels across your mobile device and servers goes to places beyond your imagination. So, is it safe and can we be sure that nobody can sniff into our sensitive personal information that we share with a number of apps and services we use?

The data generated from our mobile devices is transmitted over the WiFi network or the mobile connection to the base transceiver station (also known as BTS) of the operator. Then the data is redirected several times to a number of receiving stations.

During its journey, the data is assessed by several automated agents like antivirus and antispam appliances. And on every such instance, when the data is even under someone's supervision, it is possible that someone could illegally eavesdrop on it and access information you would never wish to share with someone.

Related topic- 11 Mobile Application Security Facts You Need to Know

For Mobile Applications

The man in the middle attack is not something new. They have been around for a few years now but have been mostly restricted to computers and laptops. With mobile growing at a fast pace, there has been a shift in emphasis to hacking mobile devices. This is particularly worrying as this gives access to a lot of information like personal identity, location, messages. In fact, hackers can also eavesdrop on conversations.

Mobile apps need to communicate with remote servers in order to function, and most use HTTPS to do so securely. Problems arise however when apps fail to use standard authentication methods properly. Some, for example, don’t reliably check the certificate that proves a server is what it says it is. Others fail to properly verify their server’s hostname.

To be secure, mobile apps have to validate the hostname, ensure the certificate matches the server’s hostname, and ensure the certificate is trusted by a valid root authority.

appknox security consultation

Are MITM Attacks that Easy to Execute?

A common perception is that MITM attacks are fairly easy to execute. As WiFi traffic is generally broadcasted out in the open, any device nearby can sniff on your data traffic. If someone is using an unencrypted or public WiFi and connecting to some web page via HTTP, the job becomes even easier. Attackers commonly use technologies like Aircrack-ng and WiFi pineapples to lure users into their open WiFi networks and perform a MITM attack easily.

 

In fact, there are hundreds of automated tools and online tutorials available on the internet, especially on YouTube, which make it sound like anyone could easily do it.

Who is at risk with such attacks?

Simply put, everyone in the mobile enterprise is a potential target, but the most vulnerable are those in senior or executive positions in business and government. It is obvious that hackers look out for people who are important or have access to sensitive information. Although, nowadays, since most businesses have started allowing employees to use their personal devices at work, this threat now impacts everyone almost equally. More often than not, it is easier to get access to a network through a device that you would think has the least probability of getting hacked.

The problem is very real and serious. More than 75% of the apps on the Google Play store does not meet basic security checks. Before you start thinking that you are safe on iOS, let me tell you that iOS is equally prone to such attacks.

Mobile Man in the Middle Attack and How Dangerous it is for Your Business

What can you do to be safe?

Basic methods like antivirus, wrapping solutions, etc. are not sufficient in today's date. As a business, it is important to spend time in training your employees on how they can keep company data safe by simple things like not connecting to public networks using their company devices. There should also be training and workshops for developers to understand how to build more secure apps and also detect security issues in mobile apps easily.

The most important thing is that security is a changing landscape and to keep up you have to be proactive, always.

Published on Mar 15, 2016
Written by Prateek Panda

Questions?

Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now