Even giant companies like Cisco can be hacked. Oftentimes, the bad guys get in with a little help from human error. Let’s take a look at a few of the particulars of the recent Cisco breach and what we can do to prevent helping the bad guys access our networks.

How did the bad guys gain access? An employee had stored credentials for the VPN they used in their Chrome internet browser. Once the attacker got into the employee’s Google account, they could sync the credentials to their own Google account. They used this VPN to access Cisco’s networks, exploiting a security gap that now has a patch.

Why not use MFA? They did! Multifactor authentication (MFA) is a great layer of defense. It is not, however, impenetrable. Apparently, the bad guys tried to go around MFA in three different ways, and one of them worked. Here they are:

1. 1. Vishing. Voice phishing is a scam that uses a standard voice phone call as part of the ruse. Often, they pretend to be a customer service representative for the company whose access they are trying to steal.
   2. MFA fatigue. Also known as MFA Bombing, this occurs when attackers send a series of MFA notifications to victims in order to trick them into granting access. The requests to authenticate can be via push notification or by phone, requesting the victim press a key. This is often done late at night or at other times victims are expected to be less on their guard.
   3. MFA spoofing. Malware can be caught by opening a link or file on your device. Attackers have coded some kinds of malware to send duplicates of your text messages to their phone—including SMS-based MFA codes.

4 habits to make your MFA stronger:

• 1. Use a separate password manager for your password storing and sharing needs. Try to find one that is well rated and lets you share access without sharing the actual credentials.
  2. Keep an ear out for calls that do not sound quite right. Keep in mind that services should ever call and ask you your MFA code over the phone. For more on vishing, see our blog.
  3. No matter how much it is bugging you, do not authorize access you did not request. Use special caution when it comes to MFA push requests and automated calls that require you to press a number. If you get a series of these, notify your IT provider right away—and maybe put your phone on silent.
  4. Keep an eye out for phishing red flags and make sure you browse safe sites. This should help you avoid downloading malware. Your MSP will also likely be able to implement software that will help weed out phishing emails and malicious links.

Want to know more about the Cisco breach?

Get more details from HackRead’s original post.