What is a “man in the middle” attack?

In a man in the middle (or MITM) attack, communication between two endpoints is compromised by a third party – the ‘man in the middle’. In a passive MITM attack attackers ‘tap’ the communication, capturing information in transit without changing it. If attackers attempt to to modify or tamper with the information itself they are committing an active MITM attack. A very common way to launch a MITM attack is by creating a fake node on an publicly-available computer network, such as a coffeeshop’s WiFi network.

Properly created, deployed and configured SSL/TLS certificates protect against passive MITM attacks by encrypting information passed across networks. SSL/TLS certificates also make active MITM attacks much more difficult, since attackers must take extra measures to compromise protected connections.