Although “man in the middle” cyberattacks have been around for a long time, they continue to be a scourge to IT leaders and professionals charged with protecting organizations’ cybersecurity.
A survey conducted by consulting firm Enterprise Management Associates on SSL and transport layer security certificate security found that nearly 80 percent of TLS certificates on the internet are vulnerable to MITM attacks, while as many as 25 percent of all certificates are expired at any given time.
With many employees continuing to work hybrid schedules and potentially using public unsecured public Wi-Fi networks to conduct business, they remain vulnerable to MITM attacks. During such attacks, malicious actors intercept communication between two parties; the attackers capture sensitive data and can also alter that data, potentially relaying inaccurate information between the two.
“MITM attacks are as old as time, and are basically the first thing you might think of when you think of hacking: ‘What if I intercept and read or alter these private communications?’” says Christopher Rodriguez, research director at IDC’s security and trust group.