2. INTRODUCTION
• There are many types of security threats that attackers can use to exploit insecure applications
• While threat actors can carry out some of these attacks using automated software, others require a more active role from the attacker
• In this tutorial, we will explain the basic concepts behind a man-in-the-middle attack, and provide examples and mitigation strategies
3. WHAT IS A MAN-IN-THE-MIDDLE ATTACK?
• A MITM attack is a type of cyber-attack in which a malicious person inserts themselves into a conversation between two parties, manipulates both parties and gains access to the data that the two are trying to send each other
• A man-in-the-middle attack also lets a malicious attacker intercept a data transmission and send it on to someone else, without either participant noticing until it is too late
• MITM attacks may also be referred to in certain cases as MitM, MiM, or MIM
4. WHO ARE THE TARGETS OF MAN-IN-THE-MIDDLE ATTACKS?
• Anyone can be attacked at any time
• It does not matter whether you use the Internet from a computer or a mobile phone; if the connection is insecure, especially when using free Wi-Fi, you are more likely to suffer a man-in-the-middle attack
• After opening a website, if you do not see https:// written in green with a lock at the beginning of the address, leave the site quickly
5. HOW DOES THE MITM ATTACK WORK?
• During MITM attacks, cybercriminals put themselves in the middle of data transactions or online communication
• Online banking and e-commerce sites, which require secure authentication with a public key and a private key, are the main targets of MiTM attacks because they enable attackers to capture login credentials and other confidential information
• The attacker tricks the client and the server into believing that they are exchanging information with each other, while the attacker intercepts the data, creates a connection to the original site, and acts as a proxy to read and insert false information into the communication
6. A COMMON DATA INTERCEPTION TECHNIQUE INVOLVES THE FOLLOWING STEPS
The decryption phase is where the intercepted data is decrypted
This vital step enables the attacker to finally decipher the data and use it to their advantage; for example, they may steal identities or disrupt business activities
7. WHAT ARE THE TYPES OF MAN-IN-THE-MIDDLE ATTACKS?
• To gain access to devices and sensitive information, cybercriminals use the following methods to carry out MiTM attacks:
• Domain Name System (DNS) spoofing
• HTTP spoofing
• Secure Sockets Layer (SSL) hijacking
• Email hijacking
• Wi-Fi eavesdropping
• Session hijacking
• Cache poisoning
10. AVOID PHISHING EMAILS
• Clicking on these links should be avoided, as they may redirect a user to a fake website or download malicious software to their device
12. ENDPOINT SECURITY
• Extensive endpoint security is most important when trying to prevent the spread of malware and other cyber attacks
• By educating users about the dangers of MiTM attacks and implementing mandatory security awareness training for employees, organizations can proactively protect their sensitive data
• The training should teach users how to detect malicious emails and inform them about security best practices, such as using a VPN, avoiding public Wi-Fi networks, and not clicking on suspicious email links
13. EXAMPLES OF MAN-IN-THE-MIDDLE ATTACKS
• Although the history of MiTM attacks dates back to pre-Internet times, they have gained the most traction and limelight in recent years
• The following are some popular real-world examples of man-in-the-middle attacks
14. EQUIFAX'S MOBILE
APPLICATION
• Equifax, one of the largest credit reporting
agencies, suffered a massive data breach in
2017 that leaked financial information to
nearly 150 million people in the United States
• In addition to this breach, it was discovered
that the company's mobile phone apps do not
always use HTTPS
• Simultaneously Equifax enables users to
intercept data
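The weakness in this slide, an app that does not always use HTTPS, can be checked for in recorded traffic. The following is an added example, not part of the original slides: the host names, the sample requests and the function names are constructed for illustration, and the HSTS check goes beyond what the slides mention.

```python
from urllib.parse import urlsplit

# Constructed sample: (method, url, status, response headers) as they might be
# exported from a proxy log of a hypothetical app. None of this is real traffic.
SAMPLE_TRAFFIC = [
    ("GET", "https://api.example.test/v1/profile", 200,
     {"Strict-Transport-Security": "max-age=31536000"}),
    ("POST", "http://api.example.test/v1/login", 200, {}),
    ("GET", "https://cdn.example.test/app.js", 200, {}),
    ("GET", "https://api.example.test/v1/report", 302,
     {"Location": "http://legacy.example.test/report",
      "Strict-Transport-Security": "max-age=31536000"}),
]


def hsts_max_age(value):
    """Return max-age from an HSTS header value; 0 when absent or malformed."""
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name.lower() == "max-age":
            val = val.strip('"')
            return int(val) if val.isdigit() else 0
    return 0


def audit_transport(traffic):
    """List (url, finding) pairs for requests exposed to interception."""
    findings = []
    for _method, url, status, headers in traffic:
        hdrs = {k.lower(): v for k, v in headers.items()}
        if urlsplit(url).scheme.lower() != "https":
            # Sent in the clear: anyone on the path can read or modify it.
            findings.append((url, "plaintext-request"))
            continue  # HSTS sent over plain HTTP is ignored, so stop here
        target = urlsplit(hdrs.get("location", "")).scheme.lower()
        if 300 <= status < 400 and target == "http":
            # The secure request is bounced onto an unencrypted URL.
            findings.append((url, "redirect-downgrades-to-http"))
        if hsts_max_age(hdrs.get("strict-transport-security", "")) == 0:
            # Without HSTS a browser may still try plain HTTP first.
            findings.append((url, "missing-hsts"))
    return findings


if __name__ == "__main__":
    for url, finding in audit_transport(SAMPLE_TRAFFIC):
        print(f"{finding:30} {url}")
```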
15. DIGINOTAR
• DigiNotar, a Dutch issuer of digital security certificates, was breached in 2011 when a threat actor gained access to 500 certificates for prominent websites such as Google and Skype
• The threat actor used a MiTM attack tactic to trick users into entering passwords on fake websites that pretended to be the real ones
• DigiNotar ultimately filed for bankruptcy following the losses from this data breach