Security News > 2021 > January > Cloud Attacks Are Bypassing MFA, Feds Warn
The Feds are warning that cybercriminals are bypassing multi-factor authentication and successfully attacking cloud services at various U.S. organizations.
"These types of attacks frequently occurred when victim organizations' employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services," the alert outlined.
"If you think you're far less likely to be hacked because of MFA, then you are more likely to let your defenses down. But if you understand how MFA can be attacked, and share that with the end users of the MFA and designers of the systems that it relies on, you're more likely to get a better, less risky outcome. The key is to realize that everything can be hacked. MFA doesn't impart some special, magical defense that no hacker can penetrate. Instead, strong security awareness training around any MFA solution is crucial, because to do otherwise is to be unprepared and more at risk."
Budget allocations to cloud security will double as companies look to protect cloud buildouts in the year ahead, according to Gartner.
"[Companies] by shifting the responsibility and work of running hardware and software infrastructure to cloud providers, leveraging the economics of cloud elasticity, benefiting from the pace of innovation in sync with public cloud providers, and more," said David Smith, distinguished VP Analyst at Gartner.
"Malicious cyber-actors are abusing trust in federated authentication environments to access protected data," the advisory read. "The exploitation occurs after the actors have gained initial access to a victim's on-premises network. The actors leverage privileged access in the on-premises environment to subvert the mechanisms that the organization uses to grant access to cloud and on-premises resources and/or to compromise administrator credentials with the ability to manage cloud resources."
News URL
https://threatpost.com/cloud-attacks-bypass-mfa-feds/163056/
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Google Cloud to make MFA mandatory by the end of 2025 (source)
- All Google Cloud users will have to enable MFA by 2025 (source)