risk management: tip of the week

What is a Man-In-The-Middle Attack?

In order to protect your self-storage operation from cybercrime, it helps to understand the most common threats and tactics used by cybercriminals. This week's topic is man-in-the-middle attacks.

What is a Man-In-The-Middle Attack?
Also known as an eavesdropping or hijacking attack, a man-in-the-middle, or MITM, attack lets hackers secretly put themselves between users and a web service they’re trying to access, allowing the attackers to filter and steal personal customer data. The strategy gives the perpetrator the ability to insert their own cryptocurrency wallet to steal funds, redirect a browser to a malicious website, or passively steal information to be used in later cybercrimes. An attack can come from an email, social media, or simply by browsing the internet.

The primary goals of an MITM attack are as follows:
Stealing personal information for identity theft.
Gaining login credentials from a user.
Getting a credit card number or other payment information.

The primary means of preventing or detecting MITM attacks are authentication and tamper detection. Authentication involves providing some degree of certainty that a message originated from a legitimate source, not an uninvited third party or "eavesdropper." Tamper detection provides evidence that a message may have been altered.
Next week, we will discuss cybersecurity best practices for self-storage operations.
Download MiniCo's white paper Cybersecurity and Privacy Risks: Information for Self-Storage Businesses.

For more tips, sign up for the quarterly e-Risk Management newsletter. It's free!

Sincerely,

Mike Schofield

Mike Schofield
President & CEO

MINICO INSURANCE AGENCY, LLC
Member ARAN Insurance Services Group

10851 N. Black Canyon Highway, Suite 200, Phoenix, AZ 85029