Multi-factor authentication reportedly not enough against Russian state-sponsored hackers


Alexander Boero

March 24, 2022 at 1:00 p.m.


Two-factor authentication © The Digital Artist / Pixabay


A British cybersecurity company, MyCena, explains that the MFA protocol, supposed to be extremely reliable, actually suffers from a vulnerability exploited by Russian hackers.

It is a cyber alert that, all things considered, has the effect of a bombshell. Multi-factor authentication (MFA) reportedly no longer constitutes a strong enough barrier to resist hackers, according to MyCena, a firm specializing in segmented access management. Yet cybersecurity players regard it as a real additional layer of protection, much more secure, for example, than passwords alone.

MFA protocols and a vulnerability exploited to break into a network

Offered, and even imposed, by a growing number of online services, multi-factor authentication asks users who want to access an account or an application to confirm their identity with a code received by phone or, for example, by scanning their fingerprint via the biometric option. This method is supposed to better protect the user and prevent, for example, identity theft or a brute force attack (discovery of the password after multiple attempts).

However, the American counterpart of ANSSI (the Cybersecurity and Infrastructure Security Agency, or CISA) and the cybersecurity section of the FBI have published a joint notice warning companies and organizations that cyber-actors sponsored by the Russian state managed to gain access to a network by exploiting default multi-factor authentication protocols, as well as a vulnerability.

The information is relayed by the London company MyCena, which explains that these hackers linked to Russia used this process to enter the systems of an NGO in May 2021 and take control of them.


Multi-factor authentication alone is not enough

Julia O’Toole, founder and boss of MyCena, explains that multi-factor authentication is no longer enough, at least on its own, to protect network access from cybercriminals and other ransomware distributors. “This MFA vulnerability proves that even the most seemingly secure security methods won’t stop attackers, especially those sponsored by the Russian state,” adds Julia O’Toole.

The executive, who is concerned that groups specializing in ransomware, such as Conti, support Russia in its conflict with Ukraine, calls on companies to invest more in their cyber defense to prevent attacks, rather than betting on cyber insurance. Some of these insurance policies no longer cover ransomware as an act of war, prompting cyber groups to announce that they are acting independently of Russia or Ukraine, “in the hope that the insurance companies continue to finance the ransoms,” says MyCena.

Julia O’Toole also points to the recent hack of authentication service provider Okta, an American company used around the world. “Simply relying on multi-factor authentication methods does not prepare organizations for this rising tide of new era cybercriminals,” notes MyCena. “A much more effective solution (…) is to regain control over access command and control, by segmenting access and distributing encrypted passwords to employees,” suggests the London company, which is obviously arguing its own case.

Source: MyCena


