MFA Work Arounds
Even giant companies like Cisco can be hacked. Oftentimes, the bad guys get in with a little help from human error. Let’s take a look at a few of the particulars of the recent Cisco breach and what we can do to prevent helping the bad guys access our networks.
How did the bad guys gain access? An employee had stored credentials for the VPN they used in their Chrome internet browser. Once the attacker got into the employee’s Google account, they could sync the credentials to their own Google account. They used this VPN to access Cisco’s networks, exploiting a security gap that now has a patch.
Why not use MFA? They did! Multifactor authentication (MFA) is a great layer of defense. It is not, however, impenetrable. Apparently, the bad guys tried to go around MFA in three different ways, and one of them worked. Here they are:
- Vishing. Voice phishing is a scam that uses a standard voice phone call as part of the ruse. Often, they pretend to be a customer service representative for the company whose access they are trying to steal.
- MFA fatigue. Also known as MFA Bombing, this occurs when attackers send a series of MFA notifications to victims in order to trick them into granting access. The requests to authenticate can be via push notification or by phone, requesting the victim press a key. This is often done late at night or at other times victims are expected to be less on their guard.
- MFA spoofing. Malware can be caught by opening a link or file on your device. Attackers have coded some kinds of malware to send duplicates of your text messages to their phone—including SMS-based MFA codes.
4 habits to make your MFA stronger:
- Use a separate password manager for your password storing and sharing needs. Try to find one that is well rated and lets you share access without sharing the actual credentials.
- Keep an ear out for calls that do not sound quite right. Keep in mind that services should ever call and ask you your MFA code over the phone. For more on vishing, see our blog.
- No matter how much it is bugging you, do not authorize access you did not request. Use special caution when it comes to MFA push requests and automated calls that require you to press a number. If you get a series of these, notify your IT provider right away—and maybe put your phone on silent.
- Keep an eye out for phishing red flags and make sure you browse safe sites. This should help you avoid downloading malware. Your MSP will also likely be able to implement software that will help weed out phishing emails and malicious links.
Want to know more about the Cisco breach?
Get more details from HackRead’s original post.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.
Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.
For nonprofits of every type and size: We Keep IT Simple
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.