Hacking has been a major news story affecting tech companies, governments, and individuals all across the world. Most recently Microsoft’s Outlook.com service has been subjected to a Man In The Middle (MITM) attack aimed at stealing mobile users’ login information. This particular attack took place in China with reports pointing the finger at China’s Cyberspace Administration as the primary perpetrators and beneficiaries. With Gmail being blocked in China, users will have to move to other email providers such as Outlook.com, but it seems that China is trying to obtain access to users communications to maintain their strict censorship laws.
A Man In The Middle (MITM) attack is one where the attacker inserts themselves between the users and the intended service, Outlook.com in this case. When a MITM attack takes place on a web portal, modern web browsers will alert users that there is a possible security threat with the connection to the server and the users data could be compromised if they continue. When a MITM attack targets mobile apps, the danger is much less apparent to the users because the app simply prompts the users with a bad connection error. Most users will simply hit continue which will resend login credentials and the attacker will be able to steal them.
Governments ability to hijack connections and steal users information is a massive issue for users and businesses who rely upon internet based communications daily. Communication providers like Google, Microsoft, and other have a duty to ensure their services are based in secure practices and attack methods like MITM should become harder to carry out successfully. Finally users have to stay aware of possible attack methods and how error messages could be alerting them to a serious threat. Simply pressing continue instead of being more cautious is the easy reaction, but hackers are banking on users being lazy and giving up their login details.Further reading: China, Hacking, Microsoft, Outlook.com