Behind the hack: Man-in-the-Middle (MitM) attacks.

Posted 09 February 2022 by Laura

Watching a cyberattack from the perspective of an ethical hacker is an eye-opening and thought-provoking experience. This second short video in the Behind the Hack series (here's the first one in case you missed it) shows an ethical hacker using a fake login portal. It's a trick that hackers use every day to gain access to sensitive and business-critical data.

In the past we’ve written about ransomware, phishing and spear-phishing... but with a surge of attacks being reported, we thought it was a great time to add another type of cybercrime to the mix. We’re here to talk Man-in-the-Middle attacks.

Hello. Is it me you're looking for? 
In this type of cyberattack, the hacker sits between a network user and the web application or server that the user is trying to connect to. Once settled nicely into this position, the hacker can begin collecting information such as personal data, passwords or banking details – they could even redirect an invoice payment to ‘your new’ bank account. MitM attacks often include email spoofing, website spoofing, or both, in order to trigger activity and carry out the transfer of data.

Behind the scenes of a MitM attack:

 

Top tips to prevent a Man-in-the-Middle attack:

1. Working remotely, securely. Only connect to networks that are secure and encrypted. This is particularly important for hybrid and remote workers, but we know that most people want to be able to access everything from everywhere – so a secure network in the cloud is vital.

2. Multi. Multi-factor. Multi-factor authentication. If you’ve been following us for a while, you’ll get our point. Seriously, if there’s one thing you do today, make this it.

3. Educate and empower. There might be people working within your organisation who don't really understand internet best practice: that they shouldn’t access unsecured websites, or that a misspelt URL or email address is probably more likely to be a cyberattack than a genuine typo. Those examples might seem a bit far-fetched for where we are… but to bring the point home, there’s a moral obligation for those in the know to educate those who aren’t.

4. Keep IT private. Using a Virtual Private Network (VPN) for employees not on an office-managed network changes your IP address and encrypts internet traffic, keeping your data secure in the cloud, and completely out of harm's way.


Cyber security in Azure is a safe pair of hands.
As a proud Microsoft Gold Partner, we’re always working hard to help secure and protect businesses in the cloud. And we feel we’ve been given the absolute best tools to do that with, wherever you are in the cloud adoption journey. In 2020, Microsoft was named a Leader in Gartner’s Magic Quadrant for Access Management thanks to the almighty Azure Active Directory. Azure AD, the complete identity and access management solution with integrated security, connects a whopping 425 million people to their apps, devices and data, every month. So they’re obviously doing something right.

For more advanced protection, there’s CASB, Endpoint Management and Threat Detection Azure Sentinel. Sentinel includes AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads and IoT devices – in one single platform. Pretty cool, eh?

According to CrowdStrike’s Cyber Front Lines Report, 30% of organisations with antivirus solutions either had them incorrectly configured with weak prevention settings, or hadn’t fully deployed them.

But when cloud security solutions are configured and deployed correctly, great things can happen:
1. Protect and enable your workforce.
2. A quick and easy sign-in experience (we’ve all been there).
3. Less time spent managing passwords.
4. Safeguard identities – your name’s not down, you’re not coming in.
5. Apps and data are kept more secure as visibility and control are increased.
6. Identity management in the cloud that is simple and unified. Easy peasy.

 


Feel a bit daunting?
If you’re looking to move your business over to the cloud, build out your cloud strategy – or you just know that you need help protecting your people, data and devices against cyberattacks, we're always happy to chat.

From our people, to your people.
We believe in working closely with IT teams to get the best results for you, your people and your business. If you'd like to know what that means for us and our clients, see what they had to say about working in the cloud with us: