We want to talk about “Man In The Middle” cyber-attacks. It is
something not everyone fully understands or knows but is very
crucial in our environment with cyber attacks on the rise. So we
asked an industry expert and CEO ofIronCAP, Andrew Cheung, to
break it down for us.
“Man In The Middle” (MITM) cyber-attacks happen when the attacker
doesn’t need access to your computer, physically or remotely. They
just sit on the same network as you, and suck in your data. They can
even create their own network and trick us into using it. MITM breaches
often happen at the network level – the evil transgressor associates their
hardware address with yours then all your data is diverted to the “bad actor”.
“DNS spoofing” is a similar strategy. The offender can forward legitimate
queries to a bogus site they control and then capture your data or use
malware. Therefore, bad actors can use “MITM” attack remotely, not in the
same room, or even on the same continent. One way to do this is with malicious
software.
Another nasty “man-in-the-browser” attack (MITB) occurs when your
web browser is infected with malicious security. For example, the bad
actor manipulates a web page to show something different than the genuine
site. They often also hijack active sessions on websites like banking or social
media pages and spread spam or steal funds.
We Can Protect Ourselves BUT How?
As the hacking sophistication grows, so does the protective response
and we can protect ourselves.
You would think a VPN would be enough and will encrypt all
traffic between your computer and the outside world, protecting you
from MITM attacks. Yes and no, your security at this point is only as
good as your VPN provider; and many have disappointed recently.
A better solution for long term is IronCAP, it even deals with the future
issue of Quantum hacking.
To protect yourself from malware-based MITM attacks first practice
“good housekeeping” cybersecurity habits – don’t install applications
from sketchy sites, and log out of website sessions when you are
finished. But you can eliminate both MITM and Phishing risks -
IronCAP’s digital signature proofing along with end-to-end encryption
is the perfect cocktail of data protection.