How Cybercriminals Hold Data Hostage

Public Wi-Fi is usually the most convenient option for the traveler because the free services are everywhere. A VPN is the absolute best protection against MITM attacks because it masks the user’s online presence and encrypts online data travelling to and from the user’s destination.

You are making an overseas purchase from a vendor in India. Instead of using an India VPN, you use an open, unprotected public Wi-Fi connection on your laptop in a local Starbucks.

Sitting at a corner table is a man concentrating on his laptop. Actually, he is concentrating on your online business and has taken the first step in hijacking your data to either steal your identity or engineer a ransomware attack to hold all your files hostage.

Hijackers Use Man-in-the-Middle (MITM) Attacks

A man-in-the-middle attack is how a hacker gets between the two parties of an online transaction. The cybercriminal impersonates either or both parties and hijacks the information they are exchanging. Hidden from plain sight, the MITM uses the stolen data for fraudulent or nefarious purposes.

How Live-Session MITM attacks occur

Live-session attacks are especially dangerous. Online stalkers actively seek victims using unprotected public Wi-Fi networks. The victim could be making an online purchase or doing a banking transaction when the MITM sitting across the room uses spying devices or software to step in live, steal the user’s credentials, and make unauthorized purchases or drain the user’s bank account.

An MITM attack could also consist of luring the user to a fake Wi-Fi network. The attacker intercepts the connection and the victim logs into a bogus website or platform.

Again, the attacker steals the user’s credentials for later use or injects malware into the user’s system to do great harm to the victim. Also, during a live session, the hacker might send fake messages to one or both parties to encourage fraudulent fund transfers, for example.

Typical strategies employed by MITM attackers include:

  • using a device to detect and access unsecured networks
  • employing Domain Name System (DNS) spoofing to send the user to fake websites.
  • hijacking session cookies that contain unencrypted login information to gain access to the user’s online email account
  • employing so-called sniffer software to intercept data going to and from the victim.
  • using a fake, but realistic looking web application to send a user to a hijacked web application controlled by the attacker.

Cybercriminals Can Use Ransomware to Hold Data Hostage

During that unprotected session in Starbucks, you clicked on a link in what appeared to be an email notification from your bank stating that you had overdrawn your account. That email is fake and the link takes you to a dark website that downloads an especially insidious form of malware known as ransomware.

What Ransomware is and what it does

Simply put, ransomware is malicious computer code that uses strong encryption to overwrite or rename files on the victim’s computer and connected network devices. Ransomware arrives either through a network security flaw or more frequently as a link or attachment on an email phishing scam.

Only the hacker can restore or reopen the files on the infected computer. The victim must pay a ransom, usually in untraceable bitcoin, whereupon the hacker sends the encryption key to the victim.

Should the victim pay the ransom?

While keeping their word is a wise practice for cybercriminals who want to stay in the lucrative ransomware business, paying the ransom is no guarantee that the victim will get their data back. Many perpetrators simply accept the payment, move on, and look for other victims.

Preventing a ransomware attack

Ransomware encryption is nearly unbreakable. The best prevention is to adopt a siege mentality and install antivirus software which will detect the presence of the ransomware in time to prevent further damage to the network.

In the event of a successful ransomware attack, an entire system backup either off-site or “air-gapped” from the rest of the network will permit a complete restoration of the infected system at a point in time before the attack occurred. Of course, any data accumulated after the last backup will be lost.

Again, the best defense is to never open or click on suspicious emails or URLs/file attachments. Setting the operating system to show the complete filename extensions will unmask fake image files that show the artificial jpg extension but are really executable exe, zip, or rar files that launch malware attacks.
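The filename check described above can also be automated. The following is an added example, not part of the original article: it flags names whose final extension is an executable or archive type while an earlier part imitates an image or document, and compares a file's leading bytes with the type its name claims. The extension sets, function names and sample files are assumptions constructed for illustration.

```python
# Added illustration; extension sets and samples are constructed assumptions.
RISKY = {"exe", "zip", "rar"}            # the real types the article names
DECOY = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}  # harmless-looking labels

# Leading bytes that identify a file's actual format regardless of its name.
MAGIC = [
    (b"MZ", "exe"),
    (b"PK\x03\x04", "zip"),
    (b"Rar!\x1a\x07", "rar"),
    (b"\xff\xd8\xff", "jpg"),
]

def sniff(head):
    """Return the format implied by the first bytes, or None if unknown."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return None

def check_attachment(name, head=b""):
    """Return a list of findings for one attachment name and its first bytes."""
    findings = []
    # Split on dots and trim stray whitespace around each part.
    parts = [p.strip() for p in name.lower().split(".")]
    real_ext = parts[-1] if len(parts) > 1 else ""
    # "holiday.jpg.exe": the operating system acts on the last extension only.
    if real_ext in RISKY and len(parts) > 2 and parts[-2] in DECOY:
        findings.append("double-extension")
    # The name ends in a decoy type but the content is an executable or archive.
    if real_ext in DECOY and sniff(head) in RISKY:
        findings.append("content-mismatch")
    return findings

def flag_all(attachments):
    """Map each suspicious name to its findings; clean files are omitted."""
    results = {n: check_attachment(n, h) for n, h in attachments}
    return {n: f for n, f in results.items() if f}

# Constructed sample input: (file name, first bytes of the file).
SAMPLES = [
    ("holiday.jpg.exe", b"MZ\x90\x00"),
    ("invoice.pdf.zip", b"PK\x03\x04"),
    ("photo.jpg", b"MZ\x90\x00"),
    ("beach.jpg", b"\xff\xd8\xff\xe0"),
]

if __name__ == "__main__":
    for name, found in flag_all(SAMPLES).items():
        print(f"{name!r}: {', '.join(found)}")
```

Office formats such as docx are ZIP containers by design, so they are left out of the decoy set here to avoid false content-mismatch findings.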

Where a VPN Fits into an Online Security Strategy

VPNs prevent MITM attacks.

The ideal protection against MITM attacks is to never log into unprotected public Wi-Fi networks. For travelers who must use the Internet, there are alternatives such as tethering their computer to a smartphone Wi-Fi hot spot. There are also portable Wi-Fi routers that cost around $100, which can be used to log into safe, secured internet connections.

On the other hand, public Wi-Fi is usually the most convenient option for the traveler because the free services are everywhere. A VPN is the absolute best protection against MITM attacks because it masks the user’s online presence and encrypts online data travelling to and from the user’s destination.

VPNs hide the user from ransomware trollers

A VPN is an invisible mobile shield that hides the user’s IP address and conceals the user’s original location. While a VPN cannot keep a user from downloading a piece of cleverly concealed malware, hiding the user’s IP address is the first line of defense in staying ahead of hackers.

VPNs do not offer absolute protection

VPNs are not the total answer in the struggle to stay secure and safe online. For example, a VPN will not keep the user from visiting unsecure websites or clicking on a poisoned link in a phishing email.

In addition to a VPN, the user must (1) install premium-grade antivirus software, (2) use the built-in security already installed on the Mac or Windows operating systems, (3) take advantage of the extra security of strong passwords, and (4) back up everything each working day.

  1. The value of premium-grade anti-virus software

In the leapfrog game of staying one step ahead of hackers, the best commercial anti-virus/malware products like Norton and McAfee are constantly on the alert for new threats. Subscribers can receive timely patches and software as new threats emerge and evolve over time.

  2. Operating systems’ built-in security

Both Mac OS and Windows 10 operating systems offer file encryption and automatic firewall features. Some of those features are installed by default, but others must be activated. The system firewall monitors all traffic entering the network and user permission is required.

Also, encrypting the computer’s hard drive will safeguard both system and data files. Encrypted files on a stolen or lost laptop, for example, cannot be copied or read without the decryption key.

  3. Strong password security

Passwords are the extra locks that can defeat unauthorized entry to computers, networks, and online accounts. The longer a password is, the harder it is to crack. For example, a hacker using password cracking software could crack a three-character password in about one to two seconds. That time can be extended by decades if the password length encompasses 8 to 12 digits.

Then there are password hygiene suggestions, for example:

  • Do not write passwords and display them in obvious locations like beneath the computer keyboard.
  • Always have a different password for access to each site and every device.
  • Use password management software to store multiple passwords. Popular browsers like Safari and Firefox simplify the task. Likewise, commercially available password management software, 1Password for example, can generate random, impossible-to-hack passwords for quick access to websites.

Finally, online security advocates recommend using lengthy passphrases, rather than a mix of characters. Passphrases can either be random words or the first letters of an easy to remember, but hard to crack, sentence or phrase familiar to the user. For example, “At My son John’s Birthday is December 12, 1996” could be phrased: “@MySJbdID121996”

  4. Strong backup practices: the last line of defense

Despite an individual’s or organization’s best effort, no one is absolutely immune from downloading a harmful virus or being victimized by a clever email or ransomware ruse. The weakest point in any security system is typically people, who naturally want to be helpful and cooperative.

So, training and awareness are the first line of defense. If those defenses falter, a reliable system backup is the best insurance for restoring everything to normal.

Backups should be a combination of both local and offsite resources. Frequently, offsite backups are a legal requirement for some businesses that handle personal and financial data. The key to both approaches is to keep the backups isolated from networked devices and systems. Malware can also infect any backup devices connected to the network.

Summary and Takeaways

Your data can be stolen or held hostage through a man-in-the-middle attack or ransomware. MITM attacks occur when the user logs into an unprotected public Wi-Fi site. An MITM attacker gets in between the victim and the online server to do harm to the victim’s system and privacy.

A ransomware attack encrypts the victim’s entire system until a ransom is paid to the attacker. Ransomware attacks typically arrive via email attachments and only the perpetrator can decrypt the victim’s system.

A VPN can protect the user against MITM attacks by hiding the IP address and encrypting data being transmitted online. Likewise, that anonymity is an effective safeguard against online ransomware trollers.

So, the following security measures, along with awareness of dangerous phishing email and poisoned links, will keep your data safe from stealers and kidnappers:

  • using a VPN as one part of an overall online security strategy that includes:
  • never logging into unsecured Wi-Fi networks
  • always using anti-virus software, and employing the built-in security measures of Windows and Mac operating systems.
  • employing strong password and system backup strategies

 

