<img alt="" src="https://secure.sale0home.com/217841.png?trk_user=217841&amp;trk_tit=jsdisabled&amp;trk_ref=jsdisabled&amp;trk_loc=jsdisabled" height="0px" width="0px" style="display:none;">

Issue 6: From Man-in-the-Middle to Man-in-the-Airgap

by Smart Grid Forums on March 19, 2021

Cyberweekly No.6

It is thought that the average enterprise runs 80 different 3rd party cloud applications to support business processes such as collaboration, communication, contract management, HR functions, signature authorisation, and more. In fact, many organisations are now running their entire business infrastructure on public cloud platforms and this trend is only set to intensify in the year ahead.

But when we consider that only 9.4% of cloud data is currently encrypted it is no surprise that Man-in-the-Middle attacks are on the rise. With 58% of recent cyberattacks having been initiated via web browsers it is alarming just how easily attackers can intercept private communication, steal login credentials, and mis-direct banking transactions!

So, what exactly is a MITM attack and how can it be prevented? This type of attack can be initiated through malware that infects users’ web browsers, or by hacking into their devices via a public or home WiFi. Because standard web browsers are difficult to secure, and many websites still operate without TLS or SSL encryption, interception is relatively easy and neither users’ routers nor their devices are required to verify the MITM identity in order for the attacker to gain control. In fact, the whole process can be carried out in complete silence and remain totally invisible until the repercussions become evident.

So, what are the best defences against a potential MITM attack? While there is no silver bullet, there are a host of fairly simple solutions that together can create a multi-layered defence-in-depth security strategy that effectively removes you from the MITM line of fire. These techniques include: 1) encrypting your access points, 2) implementing strong WiFi credentials, 3) applying multi-factor authentication, 4) investing in antivirus software, 5) adopting a VPN across all devices, 6) keeping operating systems fully patched, 7) visiting HTTPS websites only, 8) investing in remote browser isolation (RBI).

In a world where governments are demanding minimal encryption to ease surveillance in the interest of national security, and large tech organisations are asking for access to our every keystroke to help them build better products and services, hackers have their pick of ‘greater-good’ security vulnerabilities to exploit. But RBI has the potential to level this playing field and put the user back in control of their data privacy and protection.

RBI takes a zero-trust approach and operates a ‘disposable’ browser environment where web files render rather than download and can be sanitised within the virtual environment using file cleansing techniques such as Content Disarm & Reconstruction. Once the browsing session is closed the entire browser environment is reset. This proactively combats known, unknown and zero-day threats, contributing to a strong defence-in-depth approach. This use of an ‘air-gap’ makes infiltration from the public Internet extremely difficult - and well worth considering!

Please enjoy this week’s selection of news, views and resources below, and feel free to share this newsletter with colleagues in other departments, and peers in other organisations.

Kind Regards,


Mandana White
CEO | Smart Grid Forums

News, Views & Resources

MARKET REPORT: Thales. 2020 Thales Data Threat Report Global Edition
Organisations are leveraging a wide variety of technologies, including cloud, mobile, and the Internet of Things (IoT) to transform their businesses. While digital transformation can provide tremendous value, it also makes data security more complex. But organisations are cognitively dissonant to data security. Two-thirds believe they are very secure, but they are not implementing the processes and investing in the technologies required to appropriately protect their data. As organisations face expanding and more complex data security challenges, they need to take a multi-layered approach to data security, embracing cloud shared security responsibilities and adopting a zero-trust model that authenticates and validates the users and devices accessing applications and networks, while also employing more robust data discovery, hardening, data loss prevention, and encryption solutions.
To read the report, click here!

MARKET REPORT: TechRepublic. Man-in-the-Middle Attacks: An Insider’s Guide.
Eavesdropping, fraud, and message interception are crimes as old as communication itself. Everything but the information contained in our brains is accessible to other people, and not all those people have your best intentions in mind. Intercepting and altering communication has happened for centuries, and the advent of the internet made it easier than ever for criminals to inject their interests into private transmissions. These nefarious acts are called man-in-the-middle (MITM) attacks. This type of cybercrime is common, potent, and devastating. Here’s what you need to know about MITM attacks, including how to defend yourself and your organization against them.
To read the report, click here!

MARKET REPORT: EMA. Maintaining Data Protection in a Hybrid Multi-Cloud World.
Digital collaboration and its inherent data sharing are a fact of life within the modern, cloud-connected enterprise. The traditional assumption of trust given to appropriately credentialed employees and contractors operating within the enterprise’s hardened perimeter has been extended to modern cloud-based architectures. Teams working together to advance business objectives can freely share data across private hybrid cloud, multi-cloud, and on-premises-based applications. In most cases, that data is shared in cleartext. Research on data in the cloud shows that only 9.4% of cloud data is encrypted. If that data is exposed to the Internet or otherwise leaked, the organization has little to no means of recalling or deleting it. In the cases of theft, the overall lack of encryption in use means that once the data is stolen, it’s game over.
To read the report, click here!

WHITEPAPER: Forcepoint. Remote Browser Isolation Powered by Ericom.
While web access and email are critical to most organisations, we know these tools are also responsible for the most dangerous security threats. Risk is amplified by the explosive growth of users accessing data from different devices from anywhere around the world. Browser isolation prevents websites from delivering malware, zero-day exploits, and phishing threats to endpoints, improving security and productivity by enabling broad web access for users. Risky websites, like uncategorised sites or new domains, and phishing URLs are rendered in remote virtual containers, isolating devices from threats, while users experience a safe, fully interactive browsing experience.
To read the report, click here!

ARTICLE: JumpCloud. The 4 Best Practices for WiFi Network Security.
Many IT admins will assert that key servers and applications are moving to the cloud, so there is nothing of value on the wireless network. This sentiment belies a simple truth. Your end users’ systems are on the WiFi network. If a hacker can directly access your users’ systems, they have a chance to break through to other IT resources. Even with key applications and pieces of infrastructure moving to the cloud, the system is still the gateway to the IT resources your users utilise daily. Here we provide you with some best practices.
To read the article, click here!

VIDEO: VPNpro. Man-in-the-Middle Attack EXPLAINED: How You Can Prevent a MITM Attack.
What are Man-in-the-Middle attacks? The bad guy inserts him or herself on a communication between two devices and reads the traffic without anyone noticing. Those two devices are your laptop and the WiFi router, and if you are not using an encrypted connection, which usually happens when you visit an insecure website, the Man-in-the-Middle can learn all sorts of sensitive information about you leading to data and identify theft.
To watch the video, click here!

CyberAware Webinar Series

Screen Shot 2021-03-02 at 13.49.00



Topics: CyberAware