By NHI Mgmt Group Editorial Team
Published 2025-09-30
Domain: Workload Identity
Source: Apono

TL;DR: Man-in-the-middle attacks are now aimed at browsers, APIs, device enrollments, DNS, and agent-to-agent traffic, with stolen cookies, tokens, and device credentials turning one interception into persistent access, according to Apono. The real control problem is not interception alone, but whether access is short-lived, scoped, and continuously verified.


At a glance

What this is: This article maps seven modern man-in-the-middle attack paths and shows how intercepted credentials become durable access when tokens, certificates, or device credentials are overprivileged and long-lived.

Why it matters: It matters because IAM, PAM, NHI, and Zero Trust programmes all depend on access that can be constrained, verified, and revoked before an intercepted credential turns into lateral movement or persistent control.

By the numbers:

👉 Read Apono's analysis of seven MitM attack paths and identity controls


Context

Man-in-the-middle attacks are interception attacks, but in modern environments they rarely stop at reading traffic. They now target machine identities, tokens, device enrollments, and DNS trust paths, which means the security problem is as much about identity governance as transport security. For IAM and NHI teams, the core issue is whether a captured session or credential can still be used.

The article argues that passwords and simple MFA are not enough when access persists after interception. That makes short-lived permissions, per-call authorisation, and device-bound trust critical across human, workload, and agent-driven flows. The governance question is no longer whether interception is possible, but whether the intercepted identity still has reusable power.


Key questions

Q: How should security teams reduce the risk of MitM attacks against machine identities?

A: Security teams should make captured credentials less useful. The practical controls are short-lived tokens, certificate-based device binding, mutual TLS for service traffic, strong DNS governance, and rapid revocation when sessions look abnormal. The goal is to remove durable trust from any identity artefact that can be intercepted in transit.

Q: Why do MitM attacks remain effective even when MFA is deployed?

A: MFA protects initial authentication, but many MitM attacks target the session after authentication has already succeeded. If the attacker steals a cookie, token, or device credential, they can replay it without re-entering a password or second factor. That is why session control matters as much as login control.

Q: What breaks when service accounts keep long-lived standing access?

A: Long-lived standing access turns one intercepted credential into a reusable credential for lateral movement and persistence. If the token or account is not scoped tightly, the attacker can impersonate the service for as long as it remains valid. That makes revocation speed and privilege scope the decisive controls.

Q: Who is accountable when intercepted credentials are reused across cloud and agent traffic?

A: Accountability sits with the teams that own identity lifecycle, token issuance, DNS governance, and service-to-service trust, not just the network team. In practice, MitM risk spans IAM, NHI, PAM, and platform engineering, so control ownership must be explicit across all four domains.


Technical breakdown

How MitM turns transport interception into identity abuse

A MitM attack becomes an identity event when the attacker can reuse what was captured in transit. Cookies, bearer tokens, API keys, and device credentials often function as proof of identity, so interception can bypass passwords entirely. In cloud-native systems, that matters most where service-to-service calls, CI/CD pipelines, and delegated agent traffic rely on static trust. TLS protects confidentiality in motion, but it does not make a long-lived token safe if the token itself remains valid after capture.

Practical implication: treat every reusable secret as a potential session hijack point and constrain its lifetime, scope, and binding.

Why DNS and certificate trust are identity controls, not just network controls

DNS spoofing, registrar compromise, and certificate abuse redirect users and services toward attacker-controlled endpoints without visibly breaking the connection model. That is why DNSSEC, registrar protection, certificate transparency, and automated renewal are not merely network hardening measures. They preserve the trust chain that tells a browser, workload, or agent whether it is talking to the right identity. Once that trust chain is broken, the attacker can intercept credentials while appearing legitimate to both sides of the exchange.

Practical implication: protect DNS and certificate governance with the same discipline you apply to privileged access.
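Certificate transparency monitoring is the most concrete of the controls listed above, and the logic is small enough to show. The following is an added example for this page, not code from Apono or from any CT monitoring service: given entries shaped like those a CT monitor returns, it flags any certificate that covers a monitored domain (including via a wildcard SAN) but was issued by a CA outside the allowlist, while ignoring lookalike names that merely contain the domain string. The monitored domains, the approved issuers, and the sample entries are all constructed; a real deployment would feed this from a CT log or monitor API and would keep the issuer allowlist aligned with the domain's CAA records.

```python
from dataclasses import dataclass

# Assumptions (not from the article): the domains the team owns, and the CAs its
# CAA records authorise. Anything else issuing for these names is suspect.
MONITORED_DOMAINS = ["example.com", "example.net"]
APPROVED_ISSUERS = {"Let's Encrypt", "DigiCert Inc"}


@dataclass
class CtEntry:
    """One (pre)certificate as a CT monitor would report it (constructed shape)."""
    log_index: int
    issuer: str
    sans: list
    not_before: str


def san_covers(san: str, domain: str) -> bool:
    """True if a logged SAN names `domain` or a name beneath it; a wildcard SAN is
    treated as covering the namespace it sits under."""
    san, domain = san.lower().rstrip("."), domain.lower().rstrip(".")
    if san.startswith("*."):
        san = san[2:]
    # The leading dot is what keeps 'notexample.com' from matching 'example.com'.
    return san == domain or san.endswith("." + domain)


def ct_alerts(entries, monitored=MONITORED_DOMAINS, approved=APPROVED_ISSUERS):
    """Flag certificates covering a monitored name that were issued by a CA not on the allowlist."""
    alerts = []
    for e in entries:
        hits = [s for s in e.sans if any(san_covers(s, d) for d in monitored)]
        if hits and e.issuer not in approved:
            alerts.append({"log_index": e.log_index, "issuer": e.issuer,
                           "names": hits, "not_before": e.not_before})
    return alerts


# Constructed sample entries: one legitimate renewal, one unapproved wildcard issuance,
# one lookalike domain that must not trip the monitor, one unrelated certificate.
SAMPLE_ENTRIES = [
    CtEntry(1, "Let's Encrypt", ["api.example.com", "www.example.com"], "2025-09-01"),
    CtEntry(2, "Unapproved CA Ltd", ["*.example.com"], "2025-09-15"),
    CtEntry(3, "Unapproved CA Ltd", ["notexample.com"], "2025-09-15"),
    CtEntry(4, "DigiCert Inc", ["other.example.org"], "2025-09-20"),
]


if __name__ == "__main__":
    for a in ct_alerts(SAMPLE_ENTRIES):
        print(f"ALERT log#{a['log_index']}: {a['issuer']} issued for {a['names']} ({a['not_before']})")
```

The value of the check is speed: a fraudulent or mis-issued certificate for your namespace is visible in public logs as soon as it is logged, usually before it is used to front an interception, so the alert should page the team that owns DNS and certificate governance rather than wait for a ticket queue.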

Why agent-to-agent MitM changes the control model

Agent-to-agent MitM is more dangerous than classic session theft because the attacker can manipulate both the communication path and the action sequence. When agents exchange instructions, telemetry, or tool calls without mutual authentication and request signing, a malicious intermediary can inject commands or alter context. That creates a governance gap between identity, intent, and execution. The control problem shifts from 'who authenticated' to 'which actor was authorised to influence the next action'.

Practical implication: require signed, mutually authenticated, replay-resistant agent traffic before letting any automated workflow reach sensitive systems.
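What "signed, mutually authenticated, replay-resistant, per-call authorised" means at the message level is easiest to show with an exchange. The following is an added example for this page, not code from Apono or from any agent framework. A planner agent signs each tool call as an envelope covering sender, receiver, timestamp, nonce, tool and arguments; the executor verifies authenticity first, then freshness, then that the nonce has not been seen, and only then checks whether this sender is allowed to invoke this tool. The demo then runs the four manipulations an intermediary would try: replaying the message, rewriting the arguments, delivering a held-back message late, and using a valid identity to request a disallowed action. Assumptions: a per-pair shared HMAC key stands in for the mTLS identity plus asymmetric signature the text calls for, the agent names and tool policy are hypothetical, and `now` is passed explicitly so the timing cases are deterministic.

```python
import hashlib
import hmac
import json
import secrets
import time

# Assumption: each (sender, receiver) pair shares a key provisioned out of band.
# The shared HMAC key stands in for the mTLS identity plus per-message signature the
# text calls for; with asymmetric keys the receiver would hold only the sender's public key.
PAIR_KEYS = {("planner", "executor"): secrets.token_bytes(32)}
FRESHNESS_WINDOW = 30  # seconds: how long a signed message stays acceptable
# Per-call authorisation: the tools each sender may ask the executor to run (hypothetical policy).
ALLOWED_TOOLS = {"planner": {"read_file", "search_index"}}


def _canonical(envelope: dict) -> bytes:
    """Deterministic serialisation so sender and receiver sign exactly the same bytes."""
    return json.dumps(envelope, separators=(",", ":"), sort_keys=True).encode()


def sign_message(sender, receiver, tool, args, now=None):
    """Build a signed envelope: identity, freshness, nonce and intent are all under the MAC."""
    now = int(time.time()) if now is None else now
    envelope = {"from": sender, "to": receiver, "ts": now, "nonce": secrets.token_hex(16),
                "tool": tool, "args": args}
    mac = hmac.new(PAIR_KEYS[(sender, receiver)], _canonical(envelope), hashlib.sha256).hexdigest()
    return {"envelope": envelope, "sig": mac}


class Receiver:
    def __init__(self, name):
        self.name = name
        self.seen = {}  # nonce -> ts; pruned once a nonce can no longer be fresh anyway

    def accept(self, message, now=None):
        """Return (accepted, reason). Order: authenticity, freshness, replay, then authorisation."""
        now = int(time.time()) if now is None else now
        env, sig = message["envelope"], message["sig"]
        key = PAIR_KEYS.get((env.get("from"), env.get("to")))
        if key is None or env.get("to") != self.name:
            return False, "unknown sender/receiver pair"
        expected = hmac.new(key, _canonical(env), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            return False, "signature mismatch: altered or forged"
        if abs(now - env["ts"]) > FRESHNESS_WINDOW:
            return False, "stale message"
        self.seen = {n: t for n, t in self.seen.items() if now - t <= FRESHNESS_WINDOW}
        if env["nonce"] in self.seen:
            return False, "replay"
        self.seen[env["nonce"]] = env["ts"]
        if env["tool"] not in ALLOWED_TOOLS.get(env["from"], set()):
            return False, "sender not authorised for tool"
        return True, "ok"


def demo(now=1_700_000_000):
    """Constructed exchange: one valid call, then the four manipulations a proxy would attempt."""
    executor = Receiver("executor")
    call = sign_message("planner", "executor", "read_file", {"path": "/srv/app/config.yaml"}, now=now)
    results = {"valid": executor.accept(call, now=now)}
    results["replayed"] = executor.accept(call, now=now + 5)           # same nonce, still fresh
    altered = json.loads(json.dumps(call))                              # deep copy of the capture
    altered["envelope"]["args"]["path"] = "/etc/shadow"                # proxy rewrites the intent
    results["altered"] = executor.accept(altered, now=now)
    old = sign_message("planner", "executor", "read_file", {"path": "/tmp/x"}, now=now - 120)
    results["stale"] = executor.accept(old, now=now)                   # held back, delivered late
    risky = sign_message("planner", "executor", "delete_index", {}, now=now)
    results["unauthorised_tool"] = executor.accept(risky, now=now)     # valid identity, disallowed action
    return results


if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case:18s} -> {'ACCEPT' if ok else 'REJECT'} ({why})")
```

The last case is the one that distinguishes agent traffic from classic session theft: the message is authentic, fresh and unseen, and it is still refused, because the policy question is what this sender may cause to happen next, not whether it authenticated. The nonce cache is bounded by the freshness window, so a receiver only has to remember nonces for as long as a stale-check would not already reject them.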


Threat narrative

Attacker objective: The attacker wants to convert a single interception into reusable identity power that can persist beyond the original session and support unauthorised access or manipulation.

  1. Entry occurs when attackers exploit exposed network paths, weak Wi-Fi trust, DNS compromise, or vulnerable agent communications to position themselves between two legitimate parties.
  2. Credential access happens when the attacker captures cookies, session tokens, API keys, certificates, or device credentials from the intercepted exchange.
  3. Impact follows when those stolen identities are replayed to impersonate users, workloads, or agents and access sensitive systems without triggering password-based controls.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Standing credential exposure is now a MitM multiplier, not a background weakness. The article's most important pattern is that intercepted access only becomes damaging when the credential remains valid long enough to be replayed. That is classic NHI risk, but the blast radius expands when tokens, certificates, and device credentials cross trust boundaries without tight expiry. Practitioners should read this as a signal that reusable identity artefacts are the real target, not just the network path.

Machine identities create the largest exposure surface because they are both numerous and poorly watched. A compromise that touches one service account or workload token can cascade across APIs, pipelines, and agent traffic. That is why NHI governance cannot be reduced to secret storage alone: the problem is lifecycle control, scope control, and revocation discipline across machine credentials. The implication is that standing trust in machine-to-machine exchange is the weak point.

Zero Standing Privilege is the correct control lens for interception-resistant identity governance. MitM attacks work when a captured identity can be used later with the same power it had at capture time. Short-lived, narrowly scoped access changes the economics of interception because the stolen artefact decays before it can be operationalised. Practitioners should treat ZSP as a blast-radius control for both human and non-human identities.

Agent traffic introduces a named failure mode: intercepted intent. In agent-to-agent and agent-to-target flows, the attacker does not need to own either endpoint if they can manipulate the instructions passing between them. The classic assumption that authenticating at the start of a session vouches for everything that follows was designed for request/response systems where identity proves presence, not for runtime actors that accept and act on altered context. The implication is that governance must be rebuilt around message provenance and action integrity, not just authentication.

Network trust and identity trust have converged. DNS, certificates, device posture, and token validity now jointly determine whether a session should be trusted. If any one of those layers is weak, an interceptor can convert transport access into identity abuse. Practitioners should stop treating MitM as a perimeter problem and manage it as a cross-domain identity risk.

From our research:

  • Machine identities now outnumber human identities by as much as 80:1, according to our Ultimate Guide to NHIs (Why NHI Security Matters Now).
  • 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.
  • Related reading: Review The 52 NHI breaches Report for recurring patterns in token replay, overprivilege, and exposed machine credentials.

What this signals

Intercepted access is now a governance problem, not just an encryption problem. When 80:1 machine-to-human identity ratios are already reshaping enterprise environments, the security team that still treats MitM as a transport issue will miss the real failure point. The programme signal is clear: identity-bound controls must follow the session, the device, and the service account.

Ephemeral trust debt: every token, certificate, and delegated session that can outlive the moment of use adds latent exposure to the identity stack. For teams running cloud and agent-heavy environments, that means access review cycles alone are insufficient unless they are paired with automatic expiry and revocation.

The practical direction is toward per-call authorisation, device binding, and stricter provenance checks for machine-to-machine traffic. Teams that already track NHI sprawl should also align their controls to OWASP Non-Human Identity Top 10 and Zero Trust principles in CISA cyber threat advisories.


For practitioners

  • Shorten token and certificate lifetimes: Make every session credential, API key, and device certificate short-lived, scoped, and auto-expiring so captured values decay before they can be replayed. Pair this with automatic revocation when unusual network paths or duplicate sessions appear.
  • Harden DNS and registrar governance: Enable DNSSEC, lock registrar accounts with MFA and role separation, and require multi-person approval for DNS changes. Monitor passive DNS and certificate transparency so hijacks and fraudulent issuance are detected quickly.
  • Bind high-value access to device context: Use device-bound tokens, certificate-based device authentication, and posture checks so a token captured on an untrusted network cannot be replayed elsewhere without additional verification.
  • Require signed agent-to-agent traffic: Mandate mutual TLS, cryptographic request signing, replay protection, and per-call authorisation for service and agent communications. Without message provenance, a proxy can alter instructions even when the original identity is valid.

Key takeaways

  • MitM attacks now succeed by capturing reusable identity artefacts, not just by intercepting packets.
  • Machine identities and long-lived tokens create the biggest blast radius because one replayable credential can unlock multiple systems.
  • Short-lived access, device binding, DNS hardening, and signed service traffic are the controls that make interception far less useful.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI7:2025 Long-Lived Secrets; NHI5:2025 Overprivileged NHI | MitM attacks depend on exposed, replayable, and overprivileged non-human credentials.
NIST Zero Trust (SP 800-207) | Section 2.1, Tenets of Zero Trust (per-session, least-privilege access granted under dynamic policy) | The article centres on continuous verification and least-privilege access.
NIST CSF 2.0 | PR.AA-01 and PR.AA-05 (Identity Management, Authentication, and Access Control) | Identity and access management are the core controls MitM attacks bypass.

Enforce authenticated, least-privilege access and monitor for abnormal session reuse.


Key terms

  • Man-in-the-middle attack: A man-in-the-middle attack is an interception technique where an attacker positions themselves between two parties and can read or alter traffic. In identity-heavy environments, the real danger is often the ability to steal or replay credentials, tokens, or certificates rather than simply eavesdrop on data.
  • Machine identity: A machine identity is the credential set used by a workload, service, device, or agent to prove who it is. Unlike a human login, it often operates continuously and at high scale, so governance depends on lifecycle control, scope control, rotation, and revocation discipline.
  • Zero Standing Privilege: Zero Standing Privilege is a model in which access is not permanently granted and must be issued only when needed. For machine and human identities alike, it reduces the value of intercepted credentials because the attacker cannot rely on durable access remaining available later.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Apono: 7 Man-in-the-Middle (MitM) Attacks to Look Out For. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-09-30.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org