A man-in-the-middle attack occurs when a bad actor secretly inserts themselves between two connected parties with the intent to read, steal, manipulate, or forward the data that is being exchanged. Also called “eavesdropping,” these attacks have the potential for a big payoff.
Similarly, there are subtypes of MiTM attacks:
Adversary-in-the-Middle (AitM) is a variant of Man-in-the-Middle attacks. In AitM, a malicious actor uses a reverse proxy to position themselves between a user and an online service in order to obtain user credentials and session tokens. This type of attack circumvents the protection usually provided by OTP-based multi-factor authentication, and is a common technique in phishing attempts.
A man-in-the-browser (MitB) attack occurs when a bad actor injects JavaScript into a user’s browser. This can occur in a number of ways, including through a malicious browser extension. People can also fall victim to MitB attacks by accidentally downloading malicious software onto their computer. Once in place, this malware gives the fraudster unimpeded access to sensitive information such as user credentials to email, bank, subscription and retail accounts. They also now have the ability to carry out unauthorized actions on behalf of the user.
Man-in-the-mobile (MitMo) attacks target mobile devices like smartphones and tablets through infected apps and phishing scams. Once inside the device, bad actors are able to intercept communications and sensitive data. In the worst cases, MitMo attacks allow fraudsters to control devices remotely and manipulate calls, texts, and email messages without the user’s knowledge. Very sophisticated malware can be installed through an SMS or phone call, even without user action. Such attack platforms are very expensive and are usually used to target very specific people.
In its simplest form, an attacker can monitor digital activities, conversations, and emails in order to steal account login information, credit card numbers, bank information, and more.
Popular targets are:
Insecure networks
Unencrypted websites
Smartphones
Other smart devices
Once the attacker finds an insecure access point, they can insert themselves between two parties, and everything the parties transmit goes through the attacker first in real time. Let’s walk through a couple of examples.
Abby is on her smartphone and thinks she is communicating privately with her brother, Abe, about their aging parents’ financial holdings. On the other end, Abe thinks his texts are only being seen by Abby. However, unbeknown to either of them, their texts are being secretly rerouted by a fraudster perpetrating a MitMo attack. As the texts pass through this hidden path, the fraudster sees every word the two of them type as well as any images, videos, or links shared.
One of the most prevalent MiTM attacks involves a bad actor setting up an unsecured WiFi hotspot that is free for public use. Importantly, these hotspots are often named to match their location and fool victims, while also lacking password protection. When a user connects to one of these malicious hotspots, the fraudster has full access to any data being exchanged online.
Attackers wishing to take a more active approach may launch one of the following attacks:
As a result of a MitM attack, the following are now possible once access is gained:
As mentioned above, many man-in-the-middle attacks go undetected. However, having awareness about the possible symptoms of an attack, and also taking precautions to avoid putting yourself at risk, are good first steps in protecting yourself online.
Be on the lookout for any kind of abnormal state on any of your streaming services, systems, accounts, or devices (different balances, activity you don’t recognize, etc.).
Always use antivirus software to search for malware. Be sure to inspect your current WiFi connection to make sure it is secure and not open. Only visit HTTPS sites that you trust, and verify that the URL is correct (with no typos).
Be wary when you experience:
Suspicious certificates
An address in your browser’s URL bar that you don’t recognize
An address in your browser’s URL that is a misspelled version of the website you think you’re visiting
Network connections that you don’t recognize
Man-in-the-middle Attack Prevention
MiTM prevention boils down to users following safe internet practices, while organizations implement the right cybersecurity protocols and technologies.
On the user end of the spectrum, preventing MiTM is all about awareness and safe practices concerning computers, tablets, smartphones, and WiFi connections.
To begin with, you should always avoid connecting to WiFi networks without password protection. Similarly, pay attention to browser notifications for insecure websites and only trust those with encrypted connections. Also, be sure to log out of secure sites when you are away from your computer. Finally, refrain from doing sensitive transactions over public networks like those at coffee shops or hotels.
Organizations have their own methods for safeguarding against MiTM attacks. You should implement robust network security measures, while also conducting regular employee training on recognizing potential threats.
For businesses, protect your customers with the following:
Vet Organization's Email - phishing emails will arrive from external senders
Virtual Private Network
MFA
Public Key Pair Based Authentication (FIDO)
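Public-key (FIDO) authentication holds up against the AitM reverse proxy described earlier where an OTP does not: a one-time code carries no record of where it was typed, while a WebAuthn browser writes the page's origin into the signed clientDataJSON. This added example (not Ping Identity code) shows the relying-party checks on that data; the origins and function names are constructed, and verification of the authenticator's signature is assumed to happen separately.

```python
import base64
import hmac
import json

EXPECTED_ORIGIN = "https://login.example.com"  # constructed relying-party origin


def b64url(data: bytes) -> str:
    """Base64url without padding, the encoding WebAuthn uses for the challenge."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def browser_client_data(challenge: bytes, page_origin: str) -> bytes:
    """Model of what the browser builds: it records the origin of the page
    the user is actually on, which the page itself cannot choose."""
    return json.dumps({"type": "webauthn.get",
                       "challenge": b64url(challenge),
                       "origin": page_origin}).encode()


def check_client_data(client_data_json: bytes, issued_challenge: bytes) -> str:
    """Relying-party checks on clientDataJSON for a login assertion.

    Assumption: the caller separately verifies the authenticator's signature,
    which covers SHA-256(clientDataJSON), so these fields cannot be rewritten
    in transit without invalidating the assertion.
    """
    try:
        data = json.loads(client_data_json)
    except ValueError:
        return "reject: malformed clientDataJSON"
    if not isinstance(data, dict) or data.get("type") != "webauthn.get":
        return "reject: wrong type"
    got = str(data.get("challenge", "")).encode()
    # Constant-time compare against the challenge issued for this session.
    if not hmac.compare_digest(got, b64url(issued_challenge).encode()):
        return "reject: challenge mismatch"
    # A user on a proxy domain produces an assertion naming that domain.
    if data.get("origin") != EXPECTED_ORIGIN:
        return "reject: origin mismatch"
    return "accept"
```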
With cybercriminals constantly reinventing their processes to look for weak points in devices and WiFi networks, MiTM attacks are a very real threat for both users and organizations. While safe practices are great ways to fight MiTM, identity security technology is the most surefire way to keep fraudsters at bay. The Ping Identity Platform offers a quiver of security features designed to stop even the most sophisticated cyberattacks.
If you’re serious about preventing MiTM and other cybersecurity fraud, Request a Free Demo or talk to one of our experts.