MFA : Critical, Not Invincible

How Helpful is MFA in 2024?

In 2024, it is commonly known that multi-factor authentication (MFA) is an important first line of defence in cyber security. Requiring multiple forms of verification significantly reduces the risk of unauthorized access, even if one factor (like a password) is compromised. Thankfully, most New Zealand organizations are focused on implementing MFA to enhance their security posture.

In 2019, Microsoft stated that MFA was a “simple action you can take to prevent 99.9 percent of attacks on your accounts.” Five years on, that may still be true, but the size of the 0.1% seems to have grown.

Effective cyber security employs a layered approach, called defence-in-depth. So while MFA is still a critical cybersecurity protection, it is by no means invincible and must be accompanied by complementary protections. Cyber attackers have developed sophisticated methods to circumvent MFA, and your cybersecurity strategy needs to take this into account.

What are the ways that MFA can be thwarted?

One common method is MFA fatigue. Attackers bombard users with repeated authentication requests, hoping the user will eventually approve one out of frustration or confusion. This social engineering tactic exploits human error, making it a potent tool for bypassing MFA. Another social-engineering technique is to use an already compromised account to contact that user's colleagues and ask them for MFA codes. Posing as a trusted contact circumvents our normal psychological warning systems.

Yet another technique is one we hear about a lot: phishing. Attackers trick users into revealing their MFA codes by creating convincing but fake login pages or by sending deceptive emails. Once the user enters their credentials and MFA code, the attacker captures this information and gains access to the account.

Man-in-the-middle (MitM) attacks are also prevalent. In these attacks, cybercriminals intercept the communication between the user and the authentication server. By doing so, they can capture login credentials and MFA codes, effectively bypassing the security measures.

Token theft is another method where attackers steal session tokens stored on a user’s device. These tokens can be used to authenticate the attacker without needing the MFA code again.

So how can we protect ourselves?

To combat MFA circumvention, organizations can implement several strategies:

  1. Educate users: Regular training on recognizing phishing attempts and the importance of not approving unexpected MFA requests can reduce the risk of MFA fatigue and phishing attacks.
  2. Use robust MFA methods: Implementing hardware tokens or biometric factors can provide stronger security compared to SMS-based MFA, which is more susceptible to interception.
  3. Monitor for unusual activity: Continuous monitoring of login attempts and user behaviour can help detect and respond to suspicious activities promptly.
  4. Implement conditional access policies: Restrict access based on factors such as location, device, and risk level to add an extra layer of security.
  5. Employ advanced web-filtering and link-scanning systems: Utilizing these tools can help prevent users from accessing malicious websites and clicking on harmful links, thereby reducing the risk of phishing and MitM attacks.
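Step 3 above, monitoring login attempts for unusual activity, is where MFA fatigue is most visible on the defender's side: a burst of push prompts for one user, followed by an approval after several denials or timeouts. The following detector is an added example written for this article, not code from iT360 or from any identity provider. The log format (`timestamp user=... event=mfa_push result=... ip=...`) and the sample lines are constructed for the example; real providers export similar events, and only `parse_line` would need adapting.

```python
"""Detect MFA-fatigue patterns in authentication logs (constructed example).

The key=value log format below is hypothetical; adapt parse_line() to the
event export of whichever identity provider you actually use.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines: fictional users, RFC 5737 documentation IPs.
# alice receives a burst of prompts and finally approves one (fatigue pattern);
# bob approves a single prompt; carol's denial and approval are 43 minutes apart.
SAMPLE_LOG = """\
2024-05-02T09:14:01Z user=alice event=mfa_push result=denied ip=203.0.113.5
2024-05-02T09:14:20Z user=alice event=mfa_push result=denied ip=203.0.113.5
2024-05-02T09:14:45Z user=alice event=mfa_push result=timeout ip=203.0.113.5
2024-05-02T09:15:10Z user=alice event=mfa_push result=denied ip=203.0.113.5
2024-05-02T09:15:40Z user=alice event=mfa_push result=approved ip=203.0.113.5
2024-05-02T09:30:00Z user=bob event=mfa_push result=approved ip=198.51.100.7
2024-05-02T11:02:00Z user=carol event=mfa_push result=denied ip=198.51.100.9
2024-05-02T11:45:00Z user=carol event=mfa_push result=approved ip=198.51.100.9
"""

WINDOW = timedelta(minutes=5)   # sliding window over which prompts are counted
BURST_THRESHOLD = 3             # this many prompts inside WINDOW is a burst
REJECTED = ("denied", "timeout")


def parse_line(line):
    """Parse one 'timestamp key=value ...' line into a dict (None for blank lines)."""
    parts = line.split()
    if not parts:
        return None
    record = {"ts": datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")}
    for kv in parts[1:]:
        key, _, value = kv.partition("=")
        record[key] = value
    return record


def detect_mfa_fatigue(log_text, window=WINDOW, threshold=BURST_THRESHOLD):
    """Return a list of alert dicts, in log order.

    Two signals are evaluated per user over a sliding time window:
      * push_burst: the number of push prompts inside `window` reaches
        `threshold` (reported once per crossing, so a quiet user who is
        bombarded again later produces a fresh alert);
      * approval_after_rejections: an approved prompt preceded, inside
        `window`, by one or more denied or timed-out prompts. This is the
        pattern of a fatigue attack that succeeded and deserves priority.
    """
    recent = defaultdict(deque)   # user -> deque of (ts, result) within window
    alerts = []

    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec.get("event") != "mfa_push" or "user" not in rec:
            continue
        user, ts, result = rec["user"], rec["ts"], rec.get("result", "")
        q = recent[user]
        # Drop prompts that have fallen outside the window relative to this event.
        while q and ts - q[0][0] > window:
            q.popleft()
        prev_len = len(q)
        q.append((ts, result))

        if prev_len < threshold <= len(q):
            alerts.append({"user": user, "signal": "push_burst", "ts": ts,
                           "prompts_in_window": len(q), "ip": rec.get("ip")})

        if result == "approved":
            rejections = sum(1 for _, r in q if r in REJECTED)
            if rejections:
                alerts.append({"user": user, "signal": "approval_after_rejections",
                               "ts": ts, "rejections_in_window": rejections,
                               "ip": rec.get("ip")})
    return alerts


if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_LOG):
        print(alert)
```

On the sample data only alice triggers alerts: a `push_burst` on her third prompt and an `approval_after_rejections` with four rejections in the window. Carol's approval is not flagged because her earlier denial is outside the five-minute window, which is the point of pruning by time rather than counting events per user forever. In practice the window and threshold should be tuned to your provider's retry behaviour, and the approval-after-rejections signal is the one to route to an on-call analyst, since the account has most likely already been accessed.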

By understanding these attack vectors and adopting a defence-in-depth approach, organizations can significantly enhance their defence against MFA bypass attacks.

How iT360 Provides the Protection Needed

iT360 understands the evolving landscape of cyber threats and the limitations of MFA. That’s why they offer a comprehensive suite of security solutions designed to complement and strengthen MFA, providing robust protection against sophisticated attacks. Here’s how iT360 helps:

  • Advanced Web Filtering and Link Scanning: iT360 employs state-of-the-art web filtering and link scanning systems to prevent users from accessing malicious websites and clicking on harmful links, mitigating the risk of phishing and MitM attacks.
  • Robust MFA Methods: iT360 assists in implementing robust MFA methods, including hardware tokens and biometric factors, which offer stronger security compared to SMS-based MFA.
  • Conditional Access Policies: iT360 helps implement conditional access policies, restricting access based on factors like location, device, and risk level, adding an extra layer of security.
  • Security Awareness Training: iT360 provides comprehensive security awareness training to educate users about phishing scams, MFA fatigue, and other social engineering tactics, empowering them to make informed decisions and avoid security breaches.
  • 24/7 Monitoring and Incident Response: iT360’s 24/7 security monitoring and incident response services ensure that any suspicious activity is detected and addressed promptly, minimizing the impact of potential attacks.

By partnering with iT360, organizations can leverage their expertise and comprehensive security solutions to bolster their defences against MFA bypass attacks and establish a robust security posture. Contact Us Today for a consultation.

Read this helpful Article from Microsoft for further information.
