Cyber Security | What are MITM attacks?

Why is cyber security so important? Cyber criminals managed to trick several British private equity firms into wire-transferring just under £1.3million to accounts that only they could access. What makes this even more serious, is that the executives at the firms thought they had closed lucrative deals with a series of start-up companies.

Cyber criminals are using more and more sophisticated ways to access company data, and exploit any weaknesses to gain control of IT infrastructure. In this case the method used is what is called a ‘Man in the Middle’ (MITM) attack.

This is where an individual think they are communicating with a colleague direct, but all the email traffic is being monitored by a third party, and emails are being changed before a recipient has had a chance to read them.

For all intents and purposes, the recipient is none the wiser as the email seems to be from a legitimate sender, that they themselves have made contact with, and expected a response. The fake emails are the vehicle for this type of hack, and they only differ very slightly.

Take [email protected]. A cyber-criminal would set up a man in the middle email account such as [email protected]. And there we go! Busy executives may not have noticed the additional character “-“, and hence not known the original authentic email was interfered with. It’s easy to understand how this can be overlooked, but it can cost a company millions in lost revenue or data loss.

The MITM attack in this case was targeting decision makers in companies using ‘phishing emails’ to gain control of the email account to conduct an attack. The hackers monitored the conversation between two parties and modified details as per their requirements. This attack was successful because of a lack of awareness/cyber security training.

Astec have experience in supporting businesses in implementing processes that greatly reduce the chances of such attacks. We can make your email systems more secure, and implement multi-factor authorisation protocols amongst others. If you are worried about your IT infrastructure, or data loss, please do contact us.

We can conduct a review and let you know what gaps your current IT set up may have, and solutions we would recommend. We have helped numerous clients in a variety of industry sectors, and through our collective experience, we can make sure we have you covered. If that sounds interesting to you make sure to contact us.

Latest posts

Shap-E AI: Generates 3-D Models From Text The Shap-E AI system from OpenAI (creators of ChatGPT) and available for open-source download, can create 3D models from text. What Is It? According...

ChatGPT Banned At Apple Apple has reportedly banned the internal use of ChatGPT and other chatbots plus AI writers like Bard, Copilot and GitHub to prevent the sharing...

Protecting passwords made easy In today's digital age, protecting our personal information has become more crucial than ever. Whether you're working on your laptop in a coffee shop...

Twitter Encryption : More Musk Makeovers Twitter has recently added a new encrypted messaging service to its repertoire, offering end-to-end encryption for all direct messages sent across its network. This...

Gmail To Get Blue Checkmarks For Verification Google has announced that Gmail has introduced blue checkmarks next to select senders’ names to help users identify messages from legitimate senders. Will Work...

Website Speed – How to keep your website speed high? Here we look at what website speed means, how important it is for businesses (and why), plus how businesses can test their website speed...

The Online Rip-Off Tip-Off In this insight, we look at the new online form where customers can report online rip-offs that’s been developed as part of the new...

Technologies we work with...