According to net-monitoring firm Renesys, there’s been evidence of mass hijackings of network traffic recently discovered. Since the beginning of 2013, the firm has discovered live man-in-the-middle hijacks involving over 1,500 sets of IP addresses.
A man-in-the-middle attack is an exploit that occurs when an attacker intercepts communications between two parties, often a website and an end user. The intruder will usually use the information to commit identity theft or fraud.
Essentially, the attack involves inspecting or modifying a victim’s traffic prior to the intended recipient receiving the information. According to Renesys, attackers have been re-routing data to and from various governments, finance firms, and net phone services.
In a few cases, the traffic was sent half way around the world before actually being delivered to its intended destination. The firm’s discovery has proved that man-in-the-middle route hijacking is an important concern for businesses of all types, as it happens on a regular basis.
Man-in-the-middle hacking can even replace the requested website with one of its selection, which can cause minor or major damage. The attacker can choose to redirect the user to an advertisement, or a false bank site that looks identical to the requested original bank site, causing major implications for the end user.
The potential for man-in-the-middle hacking is growing, becoming a very real concern for both individuals and businesses that use the Internet. More specifically, large global carriers, government agencies, and bank and/or credit card process companies must be careful and remain on the lookout for this type of intrusion.
Protecting Against Man-in-the-Middle Attacks
For businesses, regular monitoring of network traffic is important. It’s a good idea to offer two-factor authentication to customers, in order to add another layer of security during login attempts to access accounts.
Users’ should always take advantage of authentication credentials like tokens and various forms of two factor authentication for accounts. In addition, be careful with emails from unknown senders and avoid links to access secure websites, always type the URL into the browser instead. Whenever possible, avoid using public Wi-Fi to login to sensitive accounts.
Concerned about IT security in your US, Puerto Rico and the Virgin Islands business? Contact Pulse Technology Solutions right away. Our team of IT security and network security professionals will ensure your business is safe and secure.