Man-in-the-Middle cyber attacks leading to surge in security breach incidents amid pandemic

As per a recent government data presented in the Parliament, nearly 1.16 million cases of cyber attacks were reported in 2020, almost a 300% spike from the prior year.

In the wake of COVID, no amount of precautions and surveillance has helped companies curb the risk of cyber attacks in India and abroad. To ensure cyber security and avert vulnerabilities, the government has been issuing various security guidelines, mandating cyber security audits, and doing proactive tracking. Despite all these countermeasures, India has recorded a three-fold increase in the cyber security breaches since last year. As per a recent government data presented in the Parliament, nearly 1.16 million cases of cyber attacks were reported in 2020, almost a 300% spike from the prior year.

In our rapidly-evolving connected world, it’s nearly impossible for users to understand the types of threats that could compromise the online security of personal information and take necessary precautions. According to a survey by Sophos, 52% of the Indian companies faced cyber security attacks last year, which means that every second company in the country has been affected adversely.

When companies place the burden of security mostly (or entirely) on the user, they can fall victim to a number of sophisticated man-in-the-middle (MITM) attacks carefully crafted to trick even the most diligent user. That’s why companies need software solutions that can help prevent these attacks and protect their assets and data. There are cyber security companies that are specifically working on solutions to avert the risk of MITM attacks and effectively deal with them. One such company is Uniken, which has been awarded by Cybersecurity and Infosec magazine Threat.Technology.

A man-in-the-middle attack is when an attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

There are a number of different attack types:

IP, DNS, and HTTPS Spoofing – Through spoofing, bad actors can send or divert victims to fraudulent websites. The user believes that they’re interacting with a valid website or contact, all while the attacker can monitor their interactions and steal information.

Email and Session Hijacking – After gaining access to target email accounts or online session via stolen session key or browser cookies, cybercriminals can monitor transactions between a company and its customers. Then, they spoof one or all members of the conversation in order to steal funds.

Wi-Fi Eavesdropping – Bad actors set up Wi-Fi connections with very legitimate sounding names, similar to a nearby business. As soon as a victim connects, they can monitor the user’s online activity and intercept valuable information.

There are a few things that need to happen in order to prevent man-in-the-middle attacks. Companies need to ensure with absolute certainty that their user’s network, Wi-Fi connection, and device are all secure and that the user is who they say they are. Traditionally, that would require multiple, separate technology solutions. At the same time, users need to know with absolute certainty that when they engage with a company, they are in fact dealing with them and not an imposter.

Smartphones have changed the way we view the world. We are now always on, always connected, always capable. Moreover, smartphones have now become a means of doing business for everyone rather than just being connected with family and friends. Hence with this added benefit of a smartphone, we have risked our data’s security while building a virtual connection with our professional counterparts.

The easier and safer it is for customers to do business with an organization, the more they will, helping companies earn greater wallet share and breath of product. This is why companies must act now to help curb the risk of MITM attacks.

(By Bimal Gandhi, CEO, Uniken)