Man-in-the-Middle (MitM): What is it, how bad is it and can you prevent it

As hybrid and remote working models increase, so does cybercrime. Man-in-the-middle attacks are more popular than you think, but do you know what they are?

It’s crucial that we protect our businesses from MitM crime, so in this blog post, we will give you the low-down on what forms MitM attacks take and how you can secure your networks and devices.

What is a Man-in-the-Middle (MitM) attack?

In cybercrime, a man-in-the-middle-attack (MitM) is the process of a third party sitting between you (the user) and a software or app. Known as “active eavesdropping” this form of cyberattack is designed to elicit sensitive or personal data through a hacker’s ability to capture key conversations.

MitM attacks can also be known as monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle, person-in-the-middle (PitM) or adversary-in-the-middle (AitM).

There are two main types of MitM attacks.

Firstly, a hack as a result of a phishing scam. Usually, this is where the hacker spends time recreating cloud-based software or app login pages and a phishing email. The email is then automated to users in the hopes that it appears legitimate enough to follow the email link to their malicious website. The website then captures your login credentials and the hacker then uses them to log into the correct website and access your account.

The second type of attack feels much more sinister because the cybercriminal has to be in close proximity to you and/or your software or app. Here the hacker relies on poor WiFi security to intercept your communications and gain your data.

The act of gaining control of network devices is not unusual, there are 6 more ways an attacker can do this beyond WiFi eavesdropping.

1. IP spoofing - falsifying their IP address to make you believe you are communicating with someone else, like your bank.

2. DNS spoofing - building a fake version of a legitimate website

3. HTTPS spoofing - posing a malicious website as a secure website (it’s all about that ‘s’!)

4. SSL hijacking - creating a programme that decrypts your secure information

5. Email hijacking - creating fake email addresses that look legitimate at first glance

6. Stealing browser cookies - creating a programme that accesses your browsing data to seek visited websites and login details

Remember just as you can be hacked, so can your software or app host!

How common are Man-in-the-Middle (MitM) attacks?

In 2019 IBM recorded that 35% of cyberattacks which exploited vulnerabilities were MitM related (the IBM threat intelligence report is updated yearly here).

Whilst the biggest attack cost is unknown, in December 2019 an Israeli startup was attacked during a wire transfer to a Chinese venture capital firm, resulting in a $1 million loss.

Want to know more about cyber threats and how they each work to take down your business? Check out our free cybercrime guide.

How to prevent a Man-in-the-Middle (MitM) attack?

The most important tactics to avoid main-in-the-middle attacks are

1. Invest in good anti-virus software

2. Use double authentications for all business software and apps

3. Make sure no one stores passwords outside of a protected password management software

4. Never use the same password twice

5. Make sure staff change their passwords regularly

6. Use email encryption software, or switch to an email host who provides this

7. Update browsers to the latest secure versions regularly

8. Inhibit the use of public WiFi hotspots without VPN access on business devices

9. Create cyber attack audit protocols, so you know who is responsible and when they are auditing your systems and devices

10. Create a cyber attack protocol, so you know what to do and who should do it, in the event of an attack

11. Create staff cyber attack and awareness programme

Need help protecting your business against a Man-in-the-Middle (MitM) attack?

Running a business can be worrying without the threat of constant exploitation by cybercriminals. Man-in-the-middle (MitM) attacks can potentially be devastating, so why not go the extra mile to protect your business and your staff from eavesdropping and phishing scams?

If you need help making sure your systems and devices are fully secure, check out our London-based IT support packages.