5 things you need to know about Man-in-the-middle (MITM) attacks

There are quite a few different kinds of cyberthreats out there: ransomware, phishing attacks, viruses, and malware, just to name a few that tend to get a lot of press. But there’s one that often gets overlooked: MITM attacks.

Here’s why that’s particularly alarming. Man-in-the-Middle (MITM) attacks are one of the most common and prevalent threats that pose a risk to your data.

One couple in the UK lost $500,000 to a MITM attack. Imagine the kind of impact a MITM attack could have on a business.

What is a Man-in-the-Middle attack?

MITM attacks happen when a third party secretly inserts itself into a two-party conversation.

It’s essentially cyber eavesdropping. The goal is to eventually hijack the communication when an opportunity presents itself to steal data or funds.

Whether through weak network protections, phishing, or poor user habits, when a piece of MITM software installs itself onto your computer, device, or network, it gains the ability to listen to and record your sensitive information.

Often, it can also change that information between servers. This means that, for example, if you log onto a network using your normal username and password, the MITM software can change that information and effectively lock you out of your own account, while taking advantage of the situation to further infiltrate and steal data or, in some cases, assets such as money or goods.

Stopping MITM attacks

Here are a few ways to deal with Man-in-the-Middle attacks.

Make detection a priority

Detection is high on the list of ways to protect yourself from MITM attacks. Unfortunately, detection can sometimes be difficult.

The most effective way to deal with these security breaches would be to avoid letting the opportunity for a MITM attack happen in the first place. This means building a strong defense.

Setting up an intrusion detection system (IDS) is a good start. An IDS monitors your network, and should someone infiltrate the traffic flow, you’ll receive an immediate alert.

There is the concern that this method could raise false alerts and tempt the user to turn off the IDS. Avoid doing that. False alerts are better than no alerts. Don’t leave your network open to attack.

Use a virtual private network (VPN)

The encryption inherent in the VPN platform adds additional layers of protection when your company’s networks are accessed. This is a particularly good idea if a remote employee is connecting through a Wi-Fi network.

Furthermore, VPN setups also allow for monitoring and auditing activity. That can aid in detecting irresponsible network behavior and create opportunities to improve safe work connectivity habits.

Secure your physical network

Related to the use of a VPN to protect your network, make sure your onsite network is likewise secured with robust firewalls and encryption. This will prevent outside parties from gaining access and setting up their MITM attacks.

Two-step authorization practices can also function as an additional layer of security.

Avoid public networks

This is good advice anytime you’re working with sensitive information. By avoiding the use of public networks, you deny bad actors the opportunity to insert their software into your communications path.

If you’re going to use a public network, limit it to less security-conscious pursuits such as reading news or simple web surfing.

Create defensive email habits

Many MITM attacks occur following phishing attacks. Phishing is when a cybercriminal uses a fraudulent email to trick the recipient into downloading a file or clicking a link which then installs risky malware onto their computer or network.

Always be suspicious of any email, particularly one from trusted entities, that asks you to download files or provide sensitive login information. Confirm that the source email addresses are correct. If they’ve misspelled the name of a well-known or trusted site in the email (such as or, then do not click on any links in that email. Don’t even open it.

Likewise, be suspicious of unexpected text messages. Banks and other major services are not going to ask you to share sensitive information directly via text or email.

Many MITM attacks occur on phones, so be careful when responding to anything that seems even remotely suspicious, so that you avoid having malevolent software inserted on your phone.

Employee education is key. Make sure everyone on your staff knows how to handle email safely.
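The sender-address check described above can be partly automated at the mail gateway or in a triage script. The following is an added example, not part of the original article: the trusted-domain list, the sample From: headers and the function names are all constructed for illustration.

```python
from email.utils import parseaddr

# Constructed allow-list for illustration; use the domains you actually trust.
TRUSTED = {"examplebank.com", "example-payroll.com"}
# Digit-for-letter swaps commonly used in lookalike names.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def fold(domain):
    """Normalise visually confusable characters ('rn' reads as 'm')."""
    return domain.translate(SWAPS).replace("rn", "m")

def edit_distance(a, b):
    """Levenshtein distance using a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def sender_domain(from_header):
    """Extract the domain from a From: header, ignoring the display name."""
    addr = parseaddr(from_header)[1]
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def classify_sender(from_header, trusted=TRUSTED, max_distance=2):
    """Return (verdict, matched trusted domain or None)."""
    domain = sender_domain(from_header)
    if not domain:
        return ("unknown", None)
    for good in sorted(trusted):
        if domain == good or domain.endswith("." + good):
            return ("trusted", good)
    for good in sorted(trusted):
        near = edit_distance(fold(domain), fold(good)) <= max_distance
        if near or domain.startswith(good + "."):
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed From: headers, not taken from real mail.
    for header in ("Example Bank <alerts@examplebank.com>",
                   "Example Bank <alerts@examp1ebank.com>",
                   "alerts@examplebank.com.login.test",
                   "newsletter@unrelated.test"):
        print(header, "->", classify_sender(header))
```

A "trusted" verdict only means the domain is spelled correctly; the From: header itself can be forged, so treat this as a spelling check and not as proof of origin. Short trusted names need a smaller `max_distance` to avoid flagging unrelated domains.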

MITM doesn’t have to bring you down

Vigilance, preventive action and good practices all go a long way in protecting you and your networks from MITM exploitation. Stay current with news regarding cyber threats in order to best protect yourself, your company, and your customers.

Don’t let anyone get between you and your data.