Multi-factor authentication, or MFA, is a simple yet effective method of preventing data breaches – it is also one of the most common links between much of the breaking cybersecurity news coverage of 2021. In particular, the absence of this additional layer of security has been apparent and increasingly noted as a repeated pattern between some of the most prominent victims of cybercrime. Most importantly, it is something which is progressively being (more strongly) recommended by experts and regulators, and quite a few of the latter already require it for compliance in certain industries.
The question remains, however, why have so many companies and institutions have been caught without MFA (or still in the process of slowly implementing it) if it is so useful? This leads into a greater conversation about the different requirements of modern cybersecurity, but the simplified answer is that it can be challenging for organizations to change their operational thinking. Businesses that are more intimately familiar with contemporary security concerns have taken authentication very seriously, while many others have remained with legacy cyber defense stances and have paid for not keeping up with the times.
Here is an explanation of MFA and how its presence or absence has impacted the cybersecurity news of 2021:
What is MFA and How Would It Protect Me?
Multi-factor authentication is, in simplified terms, a process in which the user provides another layer of evidence that proves they have access to the system they are trying to log into. Through a variety of methods, the user would be able to respond to a prompt provided by your organization’s specific MFA tool and submit their additional credentials, allowing to complete the login. Different solutions provide different options for facilitating this extra layer of security, with various levels of complexity with everything from a simple added passcode to actual biometric scanners straight from a science fiction movie.
The Simplicity of Two- and Multi-Factor Authentication
The definition of multi-factor authentication and its process can make it sound much more complicated than it actually is, and many tools offer incredibly simple yet secure procedures that offer minimal disruption. These are similar in function to any other login method where you require an extra PIN, such as an ATM withdrawal, and can be done with a few clicks if your smartphone. In fact, SWK Technologies uses our own MFA internally and can attest to the simplicity of using a downloaded mobile app for push notifications and passcodes that allow us to login quickly and securely.
A Look into the Cybersecurity News of 2021
To understand why multi-factor authentication can play a decisive role in entry-level cyber attacks, this article will review some of the recent cybersecurity news from this year and dive into the common trends between each story:
Colonial Pipeline Hack and Ransomware Infection
The Colonial Pipeline hack is perhaps best known for leading to infamous social media images of individuals hoarding gas in plastic bags, but the case is much more infamous among security experts as clear-cut example of MFA importance. Colonial’s systems were brought down by a ransomware infection that was made possible by the attacker’s using the credentials of a former employee to break into a legacy VPN that lacked any additional login controls beyond a password. Though the Pipeline’s CEO tried to save some face by emphasizing the complexity of the password, this only illustrates how dangerous and widespread the complacency with traditional cybersecurity methods is.
JBS Meatpacking Plant Shutdown
JBS, a huge Brazil-based meat supplier, had their packing plants in the US taken down similar to Colonial Pipeline, being targeted by a ransomware gang linked to the same attackers that hit the former. They also ended up paying a ransom ($11 million to Colonial’s $4.3 million), and similarly recovered most of their systems without the decryption keys provided by the hackers.
NYC Law Department Hacked
The New York City Law Department, which handles most of NYC’s legal issues, announced in early June 2021 that it was the victim of an attack that forced administrators to quickly take their systems down. Spokespeople claimed this prevented a widespread ransomware infection and that no citizen files were compromised, however, when asked specifically about the use of MFA in the Department to prevent exactly this occurrence, the question went unanswered.
Florida Water Treatment Facility and Windows 7
In February 2021, a water treatment facility in Oldsmar, Florida discovered it was the victim of a breach when someone attempted to change chemical levels to lethal dosages. In the news that was revealed in the aftermath, it was discovered that the plant was still using Windows 7 machines – well past End of Support by Microsoft and consequently vulnerable to cyber attack – as well as sharing passwords between users.
Frequent Ransomware Infections of Schools
Schools and universities have often been victims of ransomware for a variety of reasons, from the lack of extensive IT resources to the amount of data they hold (there is also the fact that they must report a breach, unlike some private entities). The University of Massachusetts Lowell has to cancel classes June 8, 2021 because of an attack that occurred while the campus was already trying to implement MFA to prevent such an intrusion.
The Link Between MFA and Scary Cybersecurity News
It is easy to see why the stories where MFA was directly referenced would be linked to this topic, but what about all of the others? Well, you may have noticed that one of the other most common trends was the discreet nature of these specific ransomware infection incidents, as well as in many similar stories of malware attacks. Credentials are one of the most readily available commodities on the Dark Web, going for rates as cheap as $2 for billions and billions of records.
The Oldsmar, Florida water treatment facility hack is a perfect example of many themes in cybersecurity, and the whole incident sits in the middle of a Venn diagram of bad security practices. The usage of systems past End of Life coupled with weak and widely available passwords – some of which were already leaked in past breaches – came only a hair’s breadth from creating a “perfect storm” scenario, and it was only the lack of hacker skill and of financial gain that prevented a devastating cyber attack. The Colonial Pipeline and JBS stories are much indicative of the type of disruption that could be caused with basic login information.
Multi-Factor Authentication is the First Step to Cyber Defense
MFA should just be your first step to cyber defense, but it is one of the most critical in establishing a modern cybersecurity stance. The gap between sophisticated and amateur cybercriminals is wide, but there are many more of the latter and even the former will go for an easy target if you leave your network poorly defended. No matter how complex your passwords are, that login data may very likely be available in cyberspace, and it is only an of issue of when someone will try to use it.
Discover How to Use MFA to Fight Phishing
SWK Technologies will help you learn all you need to know about multi-factor authentication and start your implementation process when the time comes, helping you to seamlessly integrate it with your existing processes. Begin your journey by downloading our free white paper and discover how to fight scary cyber threats like phishing with key facts.
Download our white paper here and learn more about fighting phishing with MFA.