Man-in-the-middle attack prevention

Though flaws are sometimes discovered, encryption protocols such as TLS are the best way to help protect against MitM attacks. The latest version of TLS became the official standard in August 2018 There are also others such as SSH or newer protocols such as Google’s QUIC.

For end-user education, encourage staff not to use open public Wi-Fi or Wi-Fi offerings at public places where possible, as this is much easier to spoof than cell phone connections, and tell them to heed warnings from browsers that sites or connections may not be legitimate. Use VPNs to help ensure secure connections.

“The best methods include multi-factor authentication, maximizing network control and visibility and segmenting your network,” says Palo Alto’s Hinchliffe.

Prevention is better than trying to remediate after an attack, especially an attack that is so hard to spot. “These attacks are fundamentally sneaky and difficult for most traditional security appliances to initially detect,” says Crowdstrike’s Turedi.

If it becomes commercially viable, quantum cryptography could provide a robust protection against MitM attacks based on the theory that it is impossible to copy quantum data, and it cannot be observed without changing its state and therefore providing a strong indicator if traffic has been interfered with en route.