Security News > 2021 > June > Can your MFA implementations stymie MFA bypass attacks?

Can your MFA implementations stymie MFA bypass attacks?
2021-06-09 12:31

Shay Nahari, Head of Red-Team services at CyberArk, says that they've been increasingly asked by customers to probe their multi-factor authentication defenses, which lead them to pinpoint four main attack vectors used by threat actors to circumvent MFA controls, by exploiting: architectural and design flaws, insecure channels, side channel attacks and insufficient attack surface coverage.

The cybersecurity industry has been extolling the virtues of MFA use for years.

According to Microsoft, using any kind of MFA "Significantly increases the costs for attackers, which is why the rate of compromise of accounts using any type of MFA is less than 0.1% of the general population."

Attackers are always on the lookout for ways to bypass MFA protections, whether through vulnerabilities, legacy authentication protocols that do not fully support MFA, rogue apps, and so on.

Even though the COVID-19 pandemic resulted in a spike in remote working and a consequent call for a wider MFA implementation, CoreView found that, for example, most enterprise Microsoft 365 administrators do not have MFA activated.

While MFA controls may stop some run-of-the-mill attacks like attempted account hijacking through brute-forcing, it is sometimes not a big enough obstacle for determined attackers set on compromising a specific enterprise target.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/jgDUxbPQ0cE/