What is it?
MitM, or man-in-the-middle attacks to give them their proper title, are very similar to eavesdropping attacks, which we covered in our very first cyber security spotlight. To be successful, a man in the middle attack needs three key components: the victim; the “thing” the victim is communicating with, be it a bank, service provider and so on; and, of course, the man in the middle. Critically, the victim will be entirely unaware that there is a third player in place: the man in the middle.
How does it work?
There are two main methods of executing man in the middle attacks: proximity-based attacks and man-in-the-browser attacks, which require the use of malicious software. Cyber criminals also often execute these attacks in two distinct phases. Phase one is interception and phase two is deception.
The proximity-based method works by the cyber criminal accessing unsecured or weakly secured Wi-Fi routers and then using their interception toolkits to read the transmitted data. The man-in-the-browser method relies on the attacker first finding a way to inject malware into the victim's connected device(s). Typically, this is achieved by phishing: a seemingly legitimate email or text message is sent, appearing to be from a trusted source, and once this message is opened the user can unwittingly load malware onto their device. After that, the malware installs itself into the browser and records the data sent between the victim and specifically targeted websites, before sending this data back to the attacker.
How can you protect against it?
First up, be aware of websites that are not using the HTTPS protocol, as this is a clear indication that the website in question has weak online security. Next, be very wary of any emails you receive asking you to change, update or confirm any login credentials or personal data. Avoid clicking any links in these types of emails and instead visit the website directly by typing the URL into a search engine.
Avoid connecting to public Wi-Fi wherever possible, and if you are using public Wi-Fi, don’t engage in any sensitive actions such as logging into online banking. As an added layer of protection when using publicly available internet, consider installing and using a virtual private network (VPN) as well. This will encrypt your network connection so any private data you might send has that extra layer of protection.
Finally, to protect yourself from the man in the middle attackers that rely on malware, installing the right security software for your devices is a no-brainer. And last but by no means least, always use strong, unique passwords!
Previous examples of eavesdropping attacks…
Way back in 2015, there was a multi-nation bust that succeeded in nailing 49 suspected cyber criminals who had been using MitM attacks to find and intercept payment requests sent via email.
So there you have it, a mini overview of man in the middle attacks and how to avoid them.