Security News > 2023 > May > Ransomware tales: The MitM attack that really had a Man in the Middle
The UK law enforcement office SEROCU, short for South East Regional Organised Crime Unit, this week reported the peculiar tale of one Ashley Liles, the literal Man in the Middle whom we referred to in the headline.
These days, we usually expand the jargon term MitM to mean Manipulator in the Middle, not merely to avoid the gendered term "Man", but also because many, if not most, MitM attacks these days are performed by machines.
Some techies have even adopted the name Machine in the Middle, but we prefer "Manipulator" because we think it usefully decribes how this sort of attack works, and because sometimes it really is man, and not a machine, in the middle.
A MitM attack depends on someone or something that can intercept messages sent to you, and modify them on the way through in order to deceive you.
As you can imagine, cryptography is one way to avoid MitM attacks, the idea being that if the data is encrypted before it's sent, then whoever or whatever is in the middle can't make sense of it at all.
The attacker would not only need to decrypt the messages from each end to figure out what they meant, but also to re-encrypt the modified messages correctly before passing them on, in order to avoid detection and maintain the treachery.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- qBittorrent fixes flaw exposing users to MitM attacks for 14 years (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)