Cyber Security | What are MITM attacks?

Why is cyber security so important? Cyber criminals managed to trick several British private equity firms into wire-transferring just under £1.3million to accounts that only they could access. What makes this even more serious, is that the executives at the firms thought they had closed lucrative deals with a series of start-up companies.

Cyber criminals are using more and more sophisticated ways to access company data, and exploit any weaknesses to gain control of IT infrastructure. In this case the method used is what is called a ‘Man in the Middle’ (MITM) attack.

This is where an individual think they are communicating with a colleague direct, but all the email traffic is being monitored by a third party, and emails are being changed before a recipient has had a chance to read them.  

For all intents and purposes, the recipient is none the wiser as the email seems to be from a legitimate sender, that they themselves have made contact with, and expected a response. The fake emails are the vehicle for this type of hack, and they only differ very slightly.

Take [email protected]. A cyber-criminal would set up a man in the middle email account such as [email protected]. And there we go! Busy executives may not have noticed the additional character “-“, and hence not known the original authentic email was interfered with. It’s easy to understand how this can be overlooked, but it can cost a company millions in lost revenue or data loss.

Why is cyber security so important

The MITM attack in this case was targeting decision makers in companies using ‘phishing emails’ to gain control of the email account to conduct an attack. The hackers monitored the conversation between two parties and modified details as per their requirements. This attack was successful because of a lack of awareness/cyber security training.

Astec have experience in supporting businesses in implementing processes that greatly reduce the chances of such attacks. We can make your email systems more secure, and implement multi-factor authorisation protocols amongst others. If you are worried about your IT infrastructure, or data loss, please do contact us.

We can conduct a review and let you know what gaps your current IT set up may have, and solutions we would recommend. We have helped numerous clients in a variety of industry sectors, and through our collective experience, we can make sure we have you covered. If that sounds interesting to you make sure to contact us.

Latest posts
Anti-trust: OpenAI And Microsoft – The Latest Following the recent boardroom power struggle that led to the sacking and reinstatement of OpenAI boss Sam Altman, Microsoft’s relationship with OpenAI is now...
Microsoft Launches New AI Content Safety Service Microsoft has announced the launch of Azure AI Content Safety, a new content moderation service that uses AI to detect and filter out offensive,...
Safety Considerations Around ChatGPT Image Uploads With one of ChatGPT’s latest features being the ability to upload images to help get answers to queries, here we look at why there...
Navigating the Cybersecurity Landscape: A Guide for Insurance Companies Introduction The insurance sector is built on the foundation of trust and the secure handling of sensitive data. However, the increasing frequency of cyberattacks...
The Imperative of Cybersecurity in the Financial Sector: Addressing Key Pain Points Introduction In an era where data is the new gold, the financial sector remains a prime target for cybercriminals. With the increasing digitisation of...
No Email Backup For Microsoft 365? In this insight, we look at what many users think to be a surprising fact in that Microsoft 365 doesn’t provide a traditional email...
Zoom Data Concerns In this article, we look at why Zoom found itself as the subject of a backlash over an online update to its terms related...

Technologies we work with...

Astec IT Astec IT - Ultimate service through advances in technology 02038026525 [email protected]