MAN IN MIDDLE ATTACK

WHAT IS MAN IN MIDDLE ATTACK?

• It is a type of cyber attack where a malicious actor
inserts him/her into a conversation between two
parties, impersonates both parties and gains access to
information that the two parties were trying to send to
each other.
KEY CONCEPTS OF MAN IN MIDDLE ATTACK:
• Man-in-the-middle is a type of eavesdropping attack
• A MITM attack exploits the real-time processing of
transactions, conversations or transfer of other data.
• Man-in-the-middle attacks allow attackers to intercept,
send and receive data never meant to be for them.
MAN IN MIDDLE EXAMPLE:
MAN IN MIDDLE ATTACK PREVENTION:
• Avoiding WiFi connections that aren’t password
protected.
• Paying attention to browser notifications reporting a
website as being unsecured.
• Immediately logging out of a secure application when
it’s not in use.
• Not using public networks (e.g., coffee shops, hotels)
when conducting sensitive transactions.
 REAL TIME ATTACK:
• According to Zdnet3, in 2019 users of Kazakh mobile operators
trying to access the internet received text messages indicating
that they need to install government-issued root certificates on
their mobile and desktop devices. Requiring internet users to
install root certificate that belongs to the government could give
the government the ability to intercept encrypted HTTPS traffic
and perform a MITM attack to break secure communication.