Call (716) 373-4467

The new year has just begun and it’s a time of renewal as we plan for the possibilities to come in 2023. It’s also a time when you need to plan for resiliency in the face of ever-present cyberattacks.

Sixty-eight percent of surveyed business leaders feel that cybersecurity risks are getting worse, and they have a good reason. Attacks continue to get more sophisticated. They are also often perpetrated by large criminal organizations. These criminal groups treat these attacks like a business. 

In 2021, the average number of global cyberattacks increased by 15.1%.

To protect your business in the coming year, it’s important to watch the attack trends. What new methods are hackers using? What types of attacks are increasing in volume? Knowing these things is important. It helps you better update your IT security to mitigate the risk of a data breach or malware infection.

We’ve pulled out the security crystal ball for the upcoming year and we’ve researched what cybersecurity experts are expecting. Here are the attack trends that you need to watch out for.

 

Attacks on 5G Devices

The world has been buzzing about 5G for a few years. It is finally beginning to fulfill the promise of lightning-fast internet. As providers build out the infrastructure, you can expect this to be a high-attack area.

Hackers are looking to take advantage of the 5G hardware used for routers, mobile devices, and PCs. Anytime you have a new technology like this, it’s bound to have some code vulnerabilities. This is exactly what hackers are looking to exploit.

You can prepare by being aware of the firmware security in the devices you buy. This is especially true for those enabled for 5G. Some manufacturers will build better firmware security into their designs than others. Make sure to ask about this when purchasing new devices.

 

One-Time Password (OTP) Bypass

This alarming new trend is designed to get past one of the best forms of account security. Multi-factor authentication (MFA) is well-known as very effective at preventing fraudulent sign-in attempts. It can stop account takeovers even in cases where the criminal has the user’s password.

There are a few different ways that hackers try to bypass MFA. These include:

  • Reusing a token: Gaining access to a recent user OTP and trying to reuse it
  • Sharing unused tokens: The hacker uses their own account to get an OTP. Then attempts to use that OTP on a different account.
  • Leaked token: Using an OTP token leaked through a web application.
  • Password reset function: A hacker uses phishing to fool the user into resetting a password. They then trick them into handing over their OTP via text or email.

Interested in learning more about Multi-Factor Authentication and how it can enhance your businesses cybersecurity? Read more about it here.

 

Attacks Surrounding World Events

During the pandemic, the cyberattack volume increased by approximately 600%. Large criminal hacking groups have realized that world events and disasters are lucrative.

They launch phishing campaigns for world events. Attacks come for everything from the latest hurricane or typhoon to the war in Ukraine. Unsuspecting people often fall for these scams. This is because they are often distracted by the crisis.

People need to be especially mindful of scams surrounding events like these. They will often use social engineering tactics, such as sad photos, to play on the emotions.

 

Smishing & Mobile Device Attacks

Mobile devices go with us just about everywhere these days. This direct connection to a potential victim is not lost on cybercriminals. Be on the lookout for more mobile device-based attacks, including SMS-based phishing (“smishing”).

Many people aren’t expecting to receive fake messages to their personal numbers. But cell numbers are no longer as private as they once were. Hackers can buy lists of them online. They then craft convincing fake texts that look like shipping notices or receipts. One wrong click is all it takes for an account or data breach.

Mobile malware is also on the rise. During the first few months of 2022, malware targeted to mobile devices rose by 500%. It’s important to ensure that you have good mobile anti-malware. As well as other protections on your devices, such as a DNS filter.

 

Elevated Phishing Using AI & Machine Learning

These days, phishing emails are not so easy to spot. It used to be that they nearly always had spelling errors or grainy images. While some still do, most don’t.

Criminal groups elevate today’s phishing using AI and machine learning. Not only will it look identical to a real brand’s emails, but it will also come personalized. Hackers use these tactics to capture more victims. They also allow hackers to send out more targeted phishing messages in less time than in years past.

 

Schedule a Cybersecurity Check-Up Today

Is your business prepared for the cyber threats coming in 2022? Don’t wait to find out the hard way! Contact us today at 716-373-4467 x 115 or info@databranch.com to schedule a cybersecurity check-up to stay one step ahead of the digital criminals.

 

Article used with permission from The Technology Press.

 

Ever since passwords have been around, they’ve been a major source of security concern. Eighty-one percent of security incidents happen due to stolen or weak passwords. Additionally, employees continue to neglect the basics of good cyber hygiene.

For example, 61% of workers use the same password for multiple platforms. Plus, 43% have shared their passwords with others. These factors are why compromised credentials are the main cause of data breaches.

Access and identity management have become a priority for many organizations. This is largely due to the rise of the cloud. As well as the practice of people needing to only enter a username and password to access systems.

Once a cybercriminal gets a hold of an employee’s login, they can access the account and any data that it contains. This is especially problematic when it’s an account like Microsoft 365 or Google Workspace since these accounts can access things like cloud storage and user email.

Below, we’ll explain what conditional access is, as well as how it works with multi-factor authentication (MFA). We’ll also review the advantages of moving to a conditional access process.

 

What Is Conditional Access?

Conditional access is also known as contextual access. It is a method of controlling user access. You can think of it as several “if/then” statements, meaning “if” this thing is present, “then” do this.

For example, conditional access allows you to set a rule that would state the following. “If a user is logging in from outside the country, require a one-time-passcode.”

Conditional access allows you to add many conditions to the process of user access to a system. It is typically used with MFA. This is to improve access security without unnecessarily inconveniencing users.

Some of the most common contextual factors used include:

  • IP address
  • Geographic location
  • Time of day
  • The device used
  • Role or group the user belongs to

Conditional access can be set up in Azure Active Directory. It can also be set up in another identity and access management tool. It’s helpful to get the assistance of your IT partner. We can help with setup and the conditions that would make the most sense for your business.

 

The Benefits of Implementing Conditional Access for Identity Management

 

Improves Security

Using conditional access improves security and allows you more flexibility in challenging user legitimacy. It doesn’t just grant access to anyone with a username and password. Instead, the user needs to meet certain requirements.

Contextual access could block any login attempts from countries where no employees are. It could also present an extra verification question when employees use an unrecognized device.

 

Automates the Access Management Process

Once the if/then statements are set up, the system takes over. It automates the monitoring for contextual factors and takes the appropriate actions. This reduces the burden on administrative IT teams. It also ensures that no one is falling between the cracks.

Automated processes are more accurate and reliable than manual processes. Automation removes the human error component. This helps ensure that each condition is being verified for every single login.

 

Allows Restriction of Certain Activities

Conditional access isn’t only for keeping unauthorized users out of your accounts, you can use it in other ways as well. One of these is to restrict the activities that legitimate users can do.

For example, you could restrict access to data or settings based on a user’s role in the system. You can also use conditions in combination. Such as, lowering permissions to view-only. You could trigger this if a user holds a certain role and is logging in from an unknown device.

 

Improves the User Login Experience

Studies show that as many as 67% of businesses don’t use multi-factor authentication. This is despite the fact that it’s one of the most effective methods to stop credential breaches.

One of the biggest reasons it is not used is because of the inconvenience factor for employees. They may complain that it interferes with productivity. Or say that it makes it harder for them to use their business applications.

Using conditional access with MFA can improve the user experience. For example, you can require MFA only if users are off the premises. You can put in place extra challenge questions on a role or context-based basis. This keeps all users from being inconvenienced.

Interested in learning more about MFA and how it can increase cybersecurity for your business? Click here to read more.

 

Enforces the Rule of Least Privilege

Using the rule of least privilege is a security best practice. It means only granting the lowest level of access in a system as necessary for a user to do their work. Once you have roles set up in your identity management system, you can base access on those roles.

Conditional access simplifies the process of restricting access to data or functions. You can base this on job needs. It streamlines identity management. This is because it contains all functions in the same system for access and MFA rules. Everything stays together, making management simpler.

 Click here to read more about local admin privileges and the associated risks.

 

Get Help Implementing Conditional Access Today!

Once conditional access is set up, the automated system takes over. It improves your security and reduces the risk of an account breach. Contact Databranch today at 716-373-4467 x115, info@databranch.com, or fill out the form below to request a consultation to enhance your cybersecurity. 

 

Article used with permission from The Technology Press.

Credential theft is now at an all-time high and is responsible for more data breaches than any other type of attack.

With data and business processes now largely cloud-based, a user’s password is the quickest and easiest way to conduct many different types of dangerous activities.

Being logged in as a user (especially if they have admin privileges) can allow a criminal to send out phishing emails from your company account to your staff and customers. The hacker can also infect your cloud data with ransomware and demand thousands of dollars to give it back.

How do you protect your online accounts, data, and business operations? One of the best ways is with multi-factor authentication (MFA).

It provides a significant barrier to cybercriminals even if they have a legitimate user credential to log in. This is because they most likely will not have access to the device that receives the MFA code required to complete the authentication process.

What are the Three Methods of MFA?

When you implement multi-factor authentication at your business, it’s important to compare the three main methods of MFA and not just assume all methods are the same. There are key differences that make some more secure than others and some more convenient.

Let’s take a look at what these three methods are:

1. SMS-Based

The form of MFA that people are most familiar with is SMS-based. This one uses text messaging to authenticate the user.

The user will typically enter their mobile number when setting up MFA. Then, whenever they log into their account, they will receive a text message with a time-sensitive code that must be entered.

2. On-Device Prompt in an App

Another type of multi-factor authentication will use a special app to push through the code. The user still generates the MFA code at login, but rather than receiving the code via SMS, it’s received through the app.

This is usually done via a push notification, and it can be used with a mobile app or desktop app in many cases.

3. Security Key

The third key method of MFA involves using a separate security key that you can insert into a PC or mobile device to authenticate the login. The key itself is purchased at the time the MFA solution is set up and will be the thing that receives the authentication code and implements it automatically.

The MFA security key is typically smaller than a traditional thumb drive and must be carried by the user to authenticate when they log into a system.

Now, let’s look at the differences between these three methods.

What is the Most Convenient Form of MFA?

Users can often feel that MFA is slowing them down. This can be worse if they need to learn a new app or try to remember a tiny security key (what if they lose that key?).

This user inconvenience can cause companies to leave their cloud accounts less protected by not using multi-factor authentication.

If you face user pushback and are looking for the most convenient form of MFA, it would be the SMS-based MFA.

Most people are already used to getting text messages on their phones so there is no new interface to learn and no app to install.

What is the Most Secure Form of MFA?

If your company handles sensitive data in a cloud platform, such as your online accounting solution, then it may be in your best interest to go for security.

The most secure form of MFA is the security key.

The security key, being a separate device altogether, won’t leave your accounts unprotected in the event of a mobile phone being lost or stolen. Both the SMS-based and app-based versions would leave your accounts at risk in this scenario.

The SMS-based is actually the least secure because there is malware out there now that can clone a SIM card, which would allow a hacker to get those MFA text messages.

A Google study looked at the effectiveness of these three methods of MFA at blocking three different types of attacks. The security key was the most secure overall.

Percentage of attacks blocked:

  • SMS-based: between 76 – 100%
  • On-device app prompt: between 90 – 100%
  • Security key: 100% for all three attack types

What is in Between?

So, where does the app with an on-device prompt fit in? Right in between the other two MFA methods.

Using an MFA application that delivers the code via push notification is more secure than the SMS-based MFA. It’s also more convenient than needing to carry around a separate security key that could quickly become lost or misplaced.

Looking for Help Setting up MFA at Your Company?

Multi-factor authentication is a “must-have” solution in today’s threat climate. Let’s discuss your barrier points and come up with a solution together to keep your cloud environment better secured.

Contact Databranch today at 716-373-4467 x15 or info@databranch.com, we’d be happy to help you out.

 

Article used with permission from The Technology Press.