When you were a kid, presuming that you have indeed grown up, did you ever play the game “Man in the Middle”? That is where two players play a game of catch with a large ball, but they must throw it over the head of a third player in the middle. The player in the middle wins the game if they can intercept the ball.
In network security, a “Man in the Middle Attack” refers to a hacker who is able to insert themselves into the middle of the communication between a client system and a server system. The hacker tricks the client into thinking that they are the server, and the server into thinking that they are the client. If the hacker is successful, they win and the targets of the attack lose. Depending on how nefarious the attacker is, the targets could lose big time.
Man in the Middle (MIM) attacks can be used to monitor network traffic to steal valuable data or security credentials such as IDs and passwords. It can be used to generate a denial of service attack that slows or halts network communication. It can be used to redirect a web site visitor to a fake site as part of a criminal scheme. It can be used to intercept files and email. It can be used to infect the client and the server with a virus.
For example, a user goes to their bank’s web site to do some online banking. However, a man in the middle attack redirects them to a fake web site that looks just like the bank’s. The hacker captures the user’s login and account information. The hacker can process the user’s transactions so the user does not know anything is wrong, until they find their account raided later by the hacker.
Web communication is a particular concern because the hypertext transfer protocol (HTTP) uses ASCII text messages transferred asynchronously. HTTP does not establish the continuous connection required for security. With HTTP, it is relatively simple for a hacker to intercept, read and modify messages. Before the internet could be commercialized in 1994, there needed to be a way to create secure connections with encrypted messages.
Netscape created that way with the Secure Socket Layer (SSL) protocol, which works in conjunction with HTTP to provide secured, encrypted connections on the internet. I would never provide personal information on a web site unless I see https on the address line! However, the encryption strategy used by SSL can leave an opening for a MIM attack. The browser sends a message to the web server to start the process, and the server responds with the information needed to create the secured connection in a file called a certificate. The certificate includes a value called a “key” that the browser needs to encrypt its messages for the server. If a hacker can create a MIM process, that process can substitute its own key for the web server’s. It can then read and edit the browser’s messages. It can do the same with the server’s messages.
Now, here is the really scary part. Tutorials on how to create a MIM are all over the internet, including YouTube videos. If that isn’t enough, there are tools available on the web that will automate and simplify the process of creating a MIM. How can the powers that be allow that to happen? Besides a little thing called the First Amendment, there are legitimate uses for MIM. Companies are allowed to monitor employee use of company resources. They use MIM to watch what employees are doing and to read their emails. Sounds a little creepy, but employees often abuse their privileges and employers have a right to know.
Fortunately, another feature was built into SSL to deal with this problem. An SSL certificate includes a field for a “signature”. The signature is the name of a party that has verified that the certificate originates from the site it is attempting to communicate with. A MIM process can still succeed if the certificate has been revoked or is “self-signed”. A self-signed certificate is signed by the site itself.
However, if the certificate is signed by a third party called a Certificate Authority (CA), the browser has assurance that the certificate is in fact issued to the site owner.
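The difference between a CA-signed and a self-signed certificate can be checked with the openssl command line. The script below is an added example, not part of the original article: it builds a throwaway CA, a site certificate signed by it, and a self-signed certificate that claims the same name with a different key, then verifies both against the CA. The CA name, the host name bank.example and all file names are constructed, and the script assumes the openssl CLI is installed.

```shell
#!/bin/sh
# Added demo; "Demo Root CA", "bank.example" and all file names are constructed.

# Exit status 0 only if the certificate chains to the given trusted CA.
verify_against_ca() {   # usage: verify_against_ca CA_PEM CERT_PEM
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# The name the certificate claims to belong to.
subject_of() {
    openssl x509 -in "$1" -noout -subject
}

# SHA-256 digest of the public key the browser would encrypt to.
pubkey_fingerprint() {
    openssl x509 -in "$1" -noout -pubkey | openssl dgst -sha256
}

build_demo_pki() {      # usage: build_demo_pki DIR
    # 1. The trusted third party: a CA with its own root certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo Root CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    # 2. The genuine site: its key is certified (signed) by the CA.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=bank.example" \
        -keyout "$1/site.key" -out "$1/site.csr" 2>/dev/null
    openssl x509 -req -in "$1/site.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/site.pem" 2>/dev/null
    # 3. The substituted certificate: same name, different key, self-signed.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=bank.example" \
        -keyout "$1/mitm.key" -out "$1/mitm.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
build_demo_pki "$demo_dir"
for name in site mitm; do
    cert="$demo_dir/$name.pem"
    echo "$name.pem  $(subject_of "$cert")"
    echo "  key: $(pubkey_fingerprint "$cert")"
    if verify_against_ca "$demo_dir/ca.pem" "$cert"; then
        echo "  accepted: signed by the trusted CA"
    else
        echo "  rejected: not signed by the trusted CA"
    fi
done
rm -rf "$demo_dir"
```

Both certificates show the same subject, so the name alone cannot tell them apart; only the check against the trusted CA separates the genuine key from the substituted one.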
Problem solved? Partially, but there is one more thing to consider.
There are different levels of assurance provided by a CA. For important transactions, particularly financial transactions, you want your site users assured that you are a legitimate ongoing operation. To do that, you should obtain an Enhanced Validation (EV) SSL, the highest level of assurance provided.
With EV from Comodo, you and all of a web site’s visitors can keep an eye out for the “Man in the Middle”!