PASSWORDS ARE ANCIENT.
Learning from cybersecurity attack history.
History has a lot of lessons to teach us as it pertains to cybersecurity, and it’s imperative to learn from those who have been victims of a breach in the past. It’s surprising to still hear of significant breaches related to simple brute-force attacks, and although there is more awareness today to just how weak passwords are in regard to security, many organizations are still failing to adopt strong authentication requirements, especially where it really counts – internet accessible applications and services.
For example, a massive website hacking campaign affecting Magento stores was recently discovered. A script coined MagentoCore had been loaded to collect payment card data from people shopping on Magento sites. The script has been found on 7,339 stores in the past six months. How did this happen? Magento’s control plane was accessible over the Internet and protected by username and password. The cybercriminals merely brute-forced the username and password until they came upon valid credentials that allowed them to inject their card skimming script.
FACEBOOK LOGINS ON SALE ON THE DARK WEB FOR $3.90
Strong authentication is vital to secure all access from the Internet. Requiring an additional step to verify one’s identity is all it takes to prevent someone from just guessing credentials or leveraging compromised credentials sold on the black market. For instance, many companies like Apple and Bank of America have taken measures to help their users address the risk of account takeover by providing them the option to enable a form of multi-factor authentication to secure access to their accounts.
Although this is a move in the right direction, user intervention is still required to participate in MFA for understandable reasons. However, in an enterprise setting, businesses should not hesitate to make strong authentication a requirement and should make it a priority to understand all points of access where strong authentication should be implemented.
In Thycotic’s annual survey of participants at the February 2017 RSA Conference in San Francisco, it was found that 50% of users haven’t changed their social network passwords for a year or more, and 20% have never changed their passwords. Although these stats pertain to social media, it provides insight into general password security behavior. Additionally, if and when a social network site is compromised, those credentials are usually sold in the black market which in turn can be used to brute-force other points of access.
In fact, according to DailyMail.com posted on Oct. 1, 2018, Facebook logins are now for sale on the dark web for just $3.90 each just days after Facebook learned about a breach that affected 50 million user accounts. If a user tends to use the same password for their corporate credentials to access client remote access VPN services, application control planes, or cloud-based applications, this poses a significant risk to a business. However, how can a business know if their users are practicing such behavior?
The more and more we embrace the cloud and become more connected via the Internet, the more we expose ourselves to risks and increase our attack surface. This is a significant vulnerability that affects every business that relies on the security of username and password, especially for Internet-accessible applications and services. Making strong authentication a requirement for all access is truly the de facto standard in our day and age.
There are many great options for multi-factor authentication ranging from traditional One-Time Passwords to push verification methods via mobile apps that have become very popular due to ease of use and simplicity that users are more prone to adopt. Let common sense be your guide – passwords alone are just not good enough these days, and history has plenty of examples as to why.
At Computex, we highly recommend strong authentication to all our customers to improve their security posture and effectively mitigate the risks of account compromise. Identity and Access Management is one of our core cybersecurity managed services that provides our customers essential security features such as multi-factor authentication, single sign-on, and identity lifecycle management allowing them to safely embrace the cloud and take their business to all new heights. Learn more about Computex’s Cybersecurity capabilities by going to: https://www.computex-inc.com/cyber-security/
#multifactorauthentication #breach #magentocore #dailymail #identityandaccessmanagement