Scribd
Upload
24 views

Security Computing

The document discusses man-in-the-middle attacks, which involve a malicious actor intercepting communications between two parties by impersonating each party. It provides key details about how MITM attacks work, examples of them, and ways to help prevent them such as using password protected WiFi and avoiding public networks for sensitive transactions.

Uploaded by

deepika kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
24 views

Security Computing

The document discusses man-in-the-middle attacks, which involve a malicious actor intercepting communications between two parties by impersonating each party. It provides key details about how MITM attacks work, examples of them, and ways to help prevent them such as using password protected WiFi and avoiding public networks for sensitive transactions.

Uploaded by

deepika kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 7

MAN IN MIDDLE ATTACK

WHAT IS MAN IN MIDDLE ATTACK?


• It is a type of cyber attack where a malicious actor
inserts him/her into a conversation between two
parties, impersonates both parties and gains access to
information that the two parties were trying to send to
each other.
KEY CONCEPTS OF MAN IN MIDDLE ATTACK:
• Man-in-the-middle is a type of eavesdropping attack
• A MITM attack exploits the real-time processing of
transactions, conversations or transfer of other data.
• Man-in-the-middle attacks allow attackers to intercept,
send and receive data never meant to be for them.
MAN IN MIDDLE EXAMPLE:
MAN IN MIDDLE ATTACK PREVENTION:
• Avoiding WiFi connections that aren’t password
protected.
• Paying attention to browser notifications reporting a
website as being unsecured.
• Immediately logging out of a secure application when
it’s not in use.
• Not using public networks (e.g., coffee shops, hotels)
when conducting sensitive transactions.
REAL TIME ATTACK:
• According to Zdnet3, in 2019 users of Kazakh mobile operators
trying to access the internet received text messages indicating
that they need to install government-issued root certificates on
their mobile and desktop devices. Requiring internet users to
install root certificate that belongs to the government could give
the government the ability to intercept encrypted HTTPS traffic
and perform a MITM attack to break secure communication.

You might also like