IT Security: Dealing with ‘Man in the Browser’ Cyber Attacks
When IT support is organized around a managed programs model, internal employees and supervisors are better able to understand today's threat environment. This is because in addition to updating software and administering configurations and other settings, a managed programs IT consultant can recognize the IT security risks that exist, some of which may not be visible to the naked eye, such as a "man-in-the-browser" (MitB) attack.
What is a ‘Man-in-the-Browser’ Cyber Attack?
This rather amusing name is really not amusing at all. A MitB is a type of Trojan horse that takes advantage of IT security vulnerabilities thereby infecting the user's browser to modify web pages, transactions, etc. without the user ever knowing. Oftentimes, A man in the browser attack occurs when malicious popup windows are launched during a browsing session. In effect, it is as though an individual located in the bolts of the browser program is tossing additional windows onto the screen.
Such an attack may be a result of malware already installed on the target machine. In this scenario, popup windows may appear and proliferate no matter what web sites are visited. Indeed, in some extreme cases it can become impossible even to close down the browser program because so many popup windows are constantly appearing. As they steal focus from the main browser window, a user may not be able to keep that window active long enough to execute a close command.
A man in the browser attack may also emanate from a specific website that contains illicit instructions to launch such attacks, or contains advertising animations or other flash/shockwave elements from marketers due to an infected advertisement.
Why Managed Programs Assistance is Needed
Man in the browser attacks can do much more than simply annoy workers. The pop ups may be cleverly engineered to execute other actions on the system; banks have actually seen pop-ups that launch Trojans which then proceed to order wire transfers of funds. These are commonly referred to as "boy-in-the-browser" attacks.
Can't my firewall just prevent the windows from popping up? The truth is that, while many malware attacks do emanate from highly responsible sites, a firewall is not always enough to keep the Trojan out. The best method is to employ a managed programs model that ensure round-the-clock monitoring that encompasses
To increase IT security, companies and other organizations should consider the advice and guidance offered by professional IT consultants who can set up robust security measures to prevent such malicious threats.
Think your IT security may have been compromised? Request a free consultation to find out!
Written by the technical staff at iCorps Technologies.