A man-in-the-middle attack, also known as an MITM attack, is a form of attack that is used in computer networks. The attacker positions himself physically or logically between the two communication partners and thus gains control over the data traffic between them.
This enables the attacker to manipulate the exchange of information between the network participants at their own discretion. These attacks can be used to steal sensitive information such as passwords or transaction data. Attacks take place between legitimate communication partners, which enables the attacker to listen in on conversations that would not be accessible to him. The attacker is therefore referred to as a “man-in-the-middle” because he acts like an invisible third party. The information obtained from the conversation is used for identity theft, stealing intellectual property or falsifying transactions. There are various methods for man-in-the-middle attacks, including setting up a rogue access point, ARP spoofing, DNS spoofing or even phishing, sniffing and SSL stripping.
Man-in-the-middle attacks can cause significant damage, from financial loss to identity theft and manipulation of online activity. Therefore, it is crucial to take appropriate security measures, including the use of strong encryption, secure WLAN practices, use of VPN and enforcement of HTTPS. The use of encryption protocols such as TLS also provides protection.
« Zurück zur Glossar Übersicht