Cyber attackers pare victim list but target finance firms
The number of ransomware victims declined by 40% quarter-over-quarter in the first quarter of 2022, to 698, although attacks against the finance industry grew, cybersecurity firm KELA reported. Some hackers changed tactics by listing a victim on a leak site as an unspecified "new company" before revealing its name.
There are over 300 million fraudulent sign-in attempts against Microsoft cloud services every day. Cyberattacks aren't slowing down any time soon, and it's worth noting that most successful attacks rely on simple means. It only takes one compromised set of credentials (username/password), one legacy protocol or one unpatched application to cause a data breach. This shows how critical password security and a strong authentication process are.
The sections below cover the most common ways accounts are compromised and the single most important action you can take to protect them from these attacks: enabling multi-factor authentication (MFA).
Business email compromise: an attacker gains access to a corporate email account, through phishing or spoofing, and uses it as a foothold into the wider environment (payment fraud, further phishing from a trusted address, access to other systems). Accounts protected with only a username and password are the easiest to compromise.
Legacy protocols can create a major vulnerability because applications that use basic authentication protocols, such as SMTP, IMAP and POP3, were not designed to handle MFA: the client sends a username and password and there is no way to challenge for a second factor. So even if you require MFA for most use cases, attackers will search for opportunities to use outdated browsers or email applications to force the use of these less secure protocols, and an account that still allows legacy authentication is effectively protected by its password alone.
Password reuse: considering that up to 73 percent of passwords are duplicates, this has been the most successful strategy for many attackers, and it's easy to do. Password spray attacks (trying a few common passwords against many accounts, so that no single account trips a lockout) and credential stuffing attacks (replaying username/password pairs leaked in other breaches) make it easy to compromise a system. Common passwords, and credentials exposed in public breaches or shared on social media, are used against corporate accounts to try to gain access.
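To make the two patterns above concrete, here is detection logic that a defender might run over sign-in records: it flags password spraying (one source address failing against many distinct accounts with only a few attempts each, which is what keeps a spray under per-account lockout thresholds), lists any account that signed in through a spray source right after the spray, and separately lists every sign-in made over a legacy protocol, where no second factor could have been enforced. This is an added example, not code from the article or from Microsoft; the whitespace-separated log format, the sample lines, the `LEGACY_APPS` set and the thresholds are all constructed assumptions for illustration.

```python
"""Password-spray and legacy-protocol detection over constructed sign-in records.

Added example; log format, sample data and thresholds are assumptions, not a
real product's schema.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real data). Fields: timestamp, user, source IP,
# client app, result. One source tries five accounts once each and then lands
# a success; another source is a legitimate user mistyping a password; the
# last two lines are sign-ins over legacy protocols.
SAMPLE_LOG = """\
2022-04-01T09:00:01Z alice@example.com 203.0.113.5 Browser Failure
2022-04-01T09:00:03Z bob@example.com 203.0.113.5 Browser Failure
2022-04-01T09:00:05Z carol@example.com 203.0.113.5 Browser Failure
2022-04-01T09:00:07Z dave@example.com 203.0.113.5 Browser Failure
2022-04-01T09:00:09Z erin@example.com 203.0.113.5 Browser Failure
2022-04-01T09:00:11Z frank@example.com 203.0.113.5 Browser Success
2022-04-01T09:05:00Z alice@example.com 198.51.100.7 Browser Failure
2022-04-01T09:05:30Z alice@example.com 198.51.100.7 Browser Success
2022-04-01T09:10:00Z grace@example.com 192.0.2.44 SMTP Success
2022-04-01T10:30:00Z heidi@example.com 192.0.2.44 IMAP Failure
"""

# Assumed client-app labels that mean basic (legacy) authentication was used.
LEGACY_APPS = {"SMTP", "IMAP", "POP3", "ActiveSync"}


def parse_log(text):
    """Parse the constructed whitespace-separated format into a list of dicts."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, app, result = line.split()
        records.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user.lower(),
            "ip": ip,
            "app": app,
            "ok": result == "Success",
        })
    return records


def detect_password_spray(records, window=timedelta(minutes=10),
                          min_users=5, max_per_user=2):
    """Flag a source IP whose failures inside `window` span at least
    `min_users` distinct accounts with at most `max_per_user` tries each.
    A single account hammered many times is brute force, not a spray, and is
    deliberately not matched here."""
    by_ip = defaultdict(list)
    for r in records:
        if not r["ok"]:
            by_ip[r["ip"]].append(r)
    alerts = []
    for ip, fails in by_ip.items():
        fails.sort(key=lambda r: r["ts"])
        for i, first in enumerate(fails):          # slide the window start
            per_user = defaultdict(int)
            for r in fails[i:]:
                if r["ts"] - first["ts"] > window:
                    break
                per_user[r["user"]] += 1
            if len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                alerts.append({"type": "password_spray", "ip": ip,
                               "users": sorted(per_user), "start": first["ts"]})
                break                               # one alert per source IP
    return alerts


def spray_successes(records, alerts, window=timedelta(minutes=10)):
    """Accounts that signed in successfully from a spraying IP within the
    window: these are the accounts the spray most likely compromised."""
    hits = []
    for a in alerts:
        for r in records:
            age = r["ts"] - a["start"]
            if r["ip"] == a["ip"] and r["ok"] and timedelta(0) <= age <= window:
                hits.append(r["user"])
    return hits


def detect_legacy_auth(records):
    """Every sign-in over a legacy protocol, successful or not: MFA could not
    have been challenged on these, so each one is worth reviewing."""
    return [{"type": "legacy_auth", "user": r["user"], "app": r["app"], "ok": r["ok"]}
            for r in records if r["app"] in LEGACY_APPS]


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    sprays = detect_password_spray(recs)
    for a in sprays:
        print(f"SPRAY from {a['ip']} starting {a['start']}: {len(a['users'])} accounts")
    print("likely compromised by spray:", spray_successes(recs, sprays))
    for a in detect_legacy_auth(recs):
        print(f"LEGACY {a['app']} sign-in by {a['user']} (success={a['ok']})")
```

The thresholds are the knobs a SOC would tune: a lower `min_users` catches slower sprays at the cost of false positives from shared NAT addresses, and the legacy-protocol list should be replaced with whatever the identity provider actually labels basic authentication as.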
Multi-Factor Authentication (MFA)
What you can do to protect your organization
You can help prevent some of these attacks by banning the use of bad passwords through group policies and enforcing a stricter password policy, blocking legacy authentication, and training employees to recognize phishing. However, one of the simplest and most effective things you can do is to just turn on MFA. By providing an extra barrier and layer of security that makes it incredibly difficult for attackers to get past, MFA can block over 99.9 percent of account compromise attacks. With MFA enabled, knowing or cracking the password won't be enough to gain access, provided the legacy protocols that bypass MFA are blocked as well.
According to the SANS Software Security Institute there are two primary obstacles to companies adopting MFA today:
A misconception that MFA requires external hardware devices.
Concerns about user disruption, or about what may break.
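Banning bad passwords is only effective if the check sees through the usual tricks users apply to a banned word, such as `P@ssw0rd2022!`. The following added example, not code from the article or from any Microsoft product, shows a banned-password check that normalizes character substitutions before matching against a banned-term list; the `BANNED_TERMS` list, the substitution table and the 12-character minimum are constructed assumptions that an organization would replace with its own brand names and policy.

```python
"""Banned-password check with substitution normalization.

Added example; the banned list, substitution map and minimum length are
illustrative assumptions, not any vendor's actual algorithm.
"""

# Constructed banned list. A real deployment adds company, product and
# location names, which are the first things an attacker sprays.
BANNED_TERMS = {"password", "welcome", "contoso", "qwerty", "letmein",
                "spring", "summer", "autumn", "winter"}

# Common "leet" substitutions, folded back to letters before matching.
# "1" maps to "i" here; a stricter checker would try both "i" and "l".
SUBSTITUTIONS = str.maketrans({
    "@": "a", "4": "a", "0": "o", "1": "i", "!": "i",
    "$": "s", "5": "s", "3": "e", "7": "t",
})


def normalize(password):
    """Lower-case the password and undo the substitutions above, so that
    'P@$$w0rd' and 'password' compare equal."""
    return password.lower().translate(SUBSTITUTIONS)


def check_password(password, banned=BANNED_TERMS, min_length=12):
    """Return the list of reasons the password is rejected.
    An empty list means the password passes this policy."""
    reasons = []
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    norm = normalize(password)
    # Substring match: 'Contoso2022!' and 'MyContosoPass' both contain the
    # banned term once normalized. Sorted so the output is deterministic.
    for term in sorted(banned):
        if term in norm:
            reasons.append(f"contains banned term '{term}'")
    return reasons


if __name__ == "__main__":
    for candidate in ["P@ssw0rd2022!", "Summer2022", "C0nt0so-Welc0me!",
                      "correct horse battery staple"]:
        verdict = check_password(candidate) or ["accepted"]
        print(f"{candidate!r}: {'; '.join(verdict)}")
```

Length is checked alongside the banned list because a short password that is not on the list is still the first thing a spray guesses; in a real directory this check would sit in the password-change path (a password filter or the identity provider's password protection feature), not in application code.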
Matt Bromiley, a SANS Digital Forensics and Incident Response instructor, says, "It doesn't have to be an all-or-nothing approach. There are different approaches your organization could use to limit the disruption while moving to a more advanced state of authentication." These include a role-based or per-application approach: starting with a small group (for example, administrators or one business-critical application) and expanding from there. Bret Arsenault shares his advice on transitioning to a passwordless model in Preparing your enterprise to eliminate passwords.
Passwordless authentication technologies are not only more convenient for end users but are extremely difficult and costly for attackers to compromise, because there is no shared secret to phish, spray or replay. Learn more about Microsoft passwordless authentication solutions in a variety of form factors to meet user needs.