What is man-in-the-midlle attack?
“Man-in-the-middle” translates as middleman. In such an attack, someone places themselves as a middleman between two communication parties – without their knowledge.
The goal is to read and possibly modify the communication and to learn confidential information such as passwords and login data.
What does a man-in-the-middle attack mean in detail?
There are different approaches to these attacks. Basically, they can be divided into attacks that are aimed at
- technical gaps, e.g. in servers and programs
- Human errors, e.g. when accessing external WLANs
One attack pattern that is easy to understand even for laypersons is faking public WLAN access, e.g., in airports, hotels, or cafés. The supposed WLAN access has a legitimate-sounding name and is characterized by a strong signal. But all data traffic passes through the man-in-the-middle’s system – including all the passwords, user names, bank data, etc. used. Those who use this supposed WLAN access do not notice anything about the attack. This is because the man-in-the-middle forwards the data to the target address.
Where do I encounter man-in-the-middle attacks in everyday work?
- In principle, in every data exchange, especially via the Internet.
- In any case, you should consider man-in-the-middle attacks before and when using public WLAN access.
What can I do to improve my security?
- Meticulously ensure that your entire system is up to date and install updates immediately. This is especially true for your web browser
- For websites, make sure your connection is secured via SSL or TLS.
- Always use two- or multi-factor authentication when offered. This usually involves a one-time password that is sent to you by SMS, for example. Prefer channels that are unlikely to be accessed by a man-in-the-middle attack. For example, send an SMS instead of an e-mail.
- If possible, do not use public WLAN access.
- If you must use public WLAN access, mitigate your risk. Pay close attention to connecting to legitimate WLAN. Do not download any data, do not transmit any passwords, and do not use online banking.
Advanced Persistent Threat
Means “sophisticated, persistent threa” and refers to particularly elaborate cyber attacks. Advanced persistent threats are mostly targeted and can cause massive damage, on the one hand via data destruction (sabotage), while on the other hand, by spying on particularly valuable data, such as state secrets or product innovations (espionage).mehr lesen
Cyber risk is the possibility that something could happen to the information or IT assets stored in your organization that would hurt your business significantly.mehr lesen