Different Types of Man-In-The-Middle Attacks

ACM.297 Different points of MITM attack and how they can affect victims and websites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics | Code.

🔒 Related Stories: AWS Security | Secure Code | Data Breaches

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Often people will talk about a Man in the Middle (MITM) or sometimes called Monkey-in-the-middle attack and say that it is required for a particular attack to work. But what does that actually mean?

There are different points at which these attacks can occur. In order to properly evaluate the risk and defend against MITM attacks you need to understand where they can occur and the implications of the different types of MITM attacks. In some cases the risks associated with the malware that enabled the MITM attack itself are greater than the vulnerability facilitated by it.

In other cases, malware is not required for an MITM attack. The traffic can be inspected simply because it is unencrypted and passing over a particular network device. There are different ways to address these different points of attack.

Although MITM is related to encrypted traffic, HTTPS, HSTS and other types of…