Multi-Factor Authentication is Top Priority
In light of current world events, experts are urging businesses of all sizes to bolster security, with Multi-Factor Authentication (MFA) as top priority for the protection of our digital assets.
While conflict may seem far away for most of us, the reality is that cyberspace knows no borders – and so, neither do cybercriminals, who are taking advantage of unstable climates and profiting from distracted or unprepared victims. Cybercrime has surged across the globe. When the Russian-Ukraine conflict broke out, cyberattacks reportedly increased by 800% in 48 hours. Things are only expected to worsen as the crisis continues.
What are the risks?
Bad actors are taking advantage of crisis in various ways. Phishing scams are being reported daily, with attackers often attempting to solicit an emotional response to the war, luring unsuspecting victims to “donate money to the cause” – posing as troubled Ukrainian citizens or even relief organizations, just for example. Denial of Service (DoS) attacks aim to take down or crash entire systems. Malware that simply destroys data is an increasing worry, especially for large organizations as in the energy and financial sectors where it can cause critical infrastructures to fail. And, topping the list of cybercrime methods is Ransomware, with which attackers aim to force victims to pay large sums of money to regain access to networks and digital assets.
Ransomware is the preferred attack method for cybercriminals – Businesses of all sizes are targets. Small businesses are at the highest risk.
With Ransomware as their #1 attack method, cybercriminals – increasingly organized and sophisticated – make money on volume, not on the size of any one victim. It may seem as though ransomware attacks target big companies in search of a big payoff, but more and more attackers are using “spray and pray” methods, aiming to reach as many targets as possible. This means businesses of all sizes are being targeted, with small business at particularly high risk.
Homeland Security Secretary Alejandro Mayorkas estimated last year that one-half to three-quarters of ransomware victims are small businesses.
Many small business owners don’t believe they will fall victim to cyber-attack, but bad actors are seeing them as increasingly easy targets. While large companies make the headlines, smaller companies are often the “low hanging fruit” for cybercriminals. It’s tempting to think that smaller businesses have less to offer of value to a cybercriminal, but in fact, they have access to the same critical data that attackers are looking for.
Here are just some of the reasons smaller companies are increasingly common targets for cybercriminals:
- Smaller companies tend to have fewer resources and staff in place to prepare for, defend against and recover from attacks. (An estimated 60 percent of small businesses who suffer an attack will fail.)
- Small businesses are frequently unaware of which of their systems are exposed online, so they may be easily compromised.
- Smaller companies don’t always keep software up to date or patch security flaws.
- They don’t know the vulnerabilities of the third-party software / SaaS Apps they rely upon.
- They don’t back up files.
- They often reuse passwords or share them with colleagues.
- They don’t use multifactor authentication (MFA) to protect resources.
The cost for poor cybersecurity can be devastating, with ransom sums soaring into the tens of thousands per victim.
The good news: There are simple, practical steps that can be taken right now to prevent attacks – steps that do not require big budgets, hours of work, or hiring of staff.
Experts and organizations like The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings to businesses to “batten the hatches” across their organizations, with specific recommendations for companies. CISA’s “Sheilds Up” approach puts MFA at the top of the list.
Here is what CISA recommends:
Protective Controls and Architecture
- Deploy application control software to limit the applications and executable code that users can run. Email attachments and files downloaded via links in emails often contain executable code.
Identity and Access Management
- Use multi-factor authentication, particularly for webmail, virtual private networks, and accounts that access critical systems.
- Limit the use of administrator privileges. Users who browse the internet, use email and execute code with administrator privileges make for excellent spearphishing targets because their system—once infected—enables attackers to move laterally across the network, gain additional accesses, and access highly sensitive information.
- Enable antivirus and anti-malware software and update signature definitions in a timely manner. Well-maintained antivirus software may prevent the use of commonly deployed attacker tools that are delivered via spearphishing.
- Be suspicious of unsolicited contact via email or social media from any individual you do not know personally. Do not click on hyperlinks or open attachments in these communications.
- Consider adding an email banner to emails received from outside your organization and disabling hyperlinks in received emails.
- Train users through awareness and simulations to recognize and report phishing and social engineering attempts. Identify and suspend access of user accounts exhibiting unusual activity.
- Adopt threat reputation services at the network device, operating system, application, and email service levels. Reputation services can be used to detect or prevent low-reputation email addresses, files, URLs, and IP addresses used in spearphishing attacks.
Vulnerability and Configuration Management
Install updates/patch operating systems, software, and firmware as soon as updates/patches are available. Prioritize patching
Why MFA is important
“Multi-factor authentication (MFA) is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before the service grants you access. Using MFA protects your account more than just using a username and password. Users who enable MFA are 99% less likely to get hacked, according to Microsoft. Why? Because even if one factor becomes compromised, unauthorized users will be unable to meet the second authentication requirement – ultimately stopping them from gaining access to your accounts.”
– Source: CISA
For optimum protection, you can eliminate the #1 threat behind cyberattacks – the Password. Using Passwordless MFA for Zero Trust Access will vastly improve security AND simplify the user experience.
To learn more about how you can implement Passwordless MFA for your company, please reach out at any time for a consultation or demo.