Recently, an OpenSSL Security Advisory explained how attackers were using Man-in-the-Middle techniques to decrypt and modify traffic between clients and their servers. The advisory is definitely helpful for clients who are tech savvy or have a technology expert (or experts!) who can explain it to them, and it sets out the upgrades clients must perform to make sure they are protected from these potential threats. That is great for a technology officer, but what about the regular, everyday Joes who might never have heard of Man-in-the-Middle attacks and want to know more about what that means?
At Intega IT, we strive to make technology simple for our clients, and in keeping with this promise we’ve compiled all you need to know about Man-in-the-Middle attacks and how to protect your business. Should you have more questions, don’t hesitate to contact us!
What is a Man-in-the-Middle Attack (MITM)?
A MITM attack is a type of cyber-attack in which a third party inserts him/herself into the conversation between two unknowing parties. From this vantage point, the third party can gain access to the information the two parties are trying to share with each other. This type of attack allows the third party to intercept and send data meant for someone else, without either party knowing the data has been compromised.
Main Concepts of Man-in-the-Middle Attacks
- MITM attacks exploit the real-time processing of data transfers, conversations and transactions.
- MITM attacks allow the attacker to intercept, send and receive data that was never meant for them, without the other parties knowing until it is too late.
How do MITM Attacks Work?
In the example above, the image on the left demonstrates the typical flow of information from the client to the server and vice versa. The image on the right demonstrates how the MITM attacker places him/herself in the flow of data between the client and the server. From this vantage point the attacker can inject false information and intercept the data that is being transferred between the two parties (Client and Server).
In this example, the attacker is impersonating both parties in order to obtain personal information and replace it with his/her own. By intercepting messages between the two parties, the MITM attacker is able to disguise his/her own account number as the correct destination for the funds transfer.
How to Protect Your Business
Given the invisibility of the MITM attacker, these types of attacks are often difficult to prevent with the conventional security tools that come with your PC or Mac. The best way to prevent these types of attacks is to make it difficult for attackers to view your network traffic by using encrypted network connections provided by HTTPS or VPN (Virtual Private Network) technology. Furthermore, be wary about connecting to open WiFi connections, as some attackers configure their laptops or other wireless devices to act as connections that, once connected to, will aid in obtaining your credentials for later use.
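The advice above to rely on HTTPS only holds when the connecting program actually checks the server's certificate; with that check switched off, the traffic is still encrypted but may be encrypted to the interceptor. The Python sketch below is an added example, not part of the original article: it compares a properly configured client with a common insecure one, and its function names are hypothetical.

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client settings that make an interceptor's forged certificate fail the handshake."""
    ctx = ssl.create_default_context()            # trusts the system CA store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy protocol versions
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Anti-pattern often copied to silence certificate errors; shown for comparison only."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared before verify_mode can be lowered
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, including a forged one, is accepted
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """List the settings that would let someone in the middle go unnoticed."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy TLS versions allowed")
    return findings


if __name__ == "__main__":
    # Print the audit result for each of the two configurations.
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weak", weak_client_context())):
        print(name, audit_client_context(ctx) or "no findings")
```

Running the audit over the contexts your own scripts and applications create shows quickly whether certificate checking was disabled somewhere to "make an error go away".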
If you’re unsure how to start protecting your business from MITM attacks, look no further than Intega IT. We will start by assessing your existing security infrastructure with our Free Network and Security Assessment and will then suggest ways to improve. Did we mention there are no obligations? What are you waiting for? Request your assessment today!