Protecting Business from Man-in-the-Middle Attacks

by CXOtoday Staff    Feb 27, 2009

A new man-in-the-middle (MITM) type of attack has recently come to light. It differs from traditional MITM attacks, which rely on a user being fooled into going to the wrong Web site. 

What makes this attack different is that the fraudulent site attempts to leverage false visual cues, namely replacing its favicon with a padlock icon. (A padlock icon is traditionally recognized as a visual cue that signifies an SSL-protected site.)

According to security company Verisign, the following tips can help protect you from a harrowing experience:

For end users:

* Look for the "green glow": MITM and phishing attacks in the wild today can be combated by looking for Extended Validation (EV) SSL certificates and noticing when the green is absent. EV SSL certificates definitively confirm the identity of the organization that owns the Web site. Online criminals do not have access to EV SSL certificates for the sites they’re counterfeiting and therefore cannot spoof the green glow that shows that an authenticated Web site is secure.

* Download the latest version of high-security Web browsers such as Internet Explorer 7 or higher, Firefox 3 or higher, Google Chrome, Safari or Opera.

* Take advantage of authentication credentials such as tokens and other forms of two-factor authentication for sensitive accounts.

* Treat e-mails from unknown senders with a high degree of skepticism, and don’t click links to access secure sites (type the Web address into the browser instead).


For businesses:

* Adopt EV SSL and educate customers on what the green glow means. Put the EV SSL Certificate on your home page and every other page where a secure transaction takes place.

* Do not offer logins on pages that are not already in an SSL session.

* Offer two-factor authentication to customers as an optional way to add another layer of security when accessing accounts.

* Do not include links in e-mails to customers, and encourage them to download the latest version of their favorite browsers.
