How multifactor authentication can block most login credential attacks

Every day, cybercriminals come up with ingenious ways to break through your organization's network security and steal valuable information. According to a recent Microsoft study, cybercriminals make around 300 fraudulent sign-in attempts each day to gain illegal access to Microsoft cloud services.

Melanie Maynes, the senior product manager of Microsoft Security, said that cyberattacks are not slowing down, and most of them have seen considerable success without using advanced technology. She said that all it takes is a single compromised credential or legacy application to cause a security breach.

Common vulnerabilities

SANS Software Security Institute published a report identifying the most common vulnerabilities. These are:

  • Business email compromise – A cyberattack that uses phishing to gain access to one of your company's corporate email accounts. From there, cybercriminals can use this email to steal address books, exploit your system, and steal money.
  • Legacy protocols – Applications using basic and outdated protocols such as SMTP and old browsers can create a major vulnerability in your company's network security. Hackers will find ways for your system to use these outdated and less secure protocols to gain easy access to your data.
  • Reusing passwords – Users who are fond of using the same password for multiple applications can be a serious risk to your organization. Reused passwords stolen by cybercriminals during public breaches can be used to gain access to your company's system. The fact that 73% of passwords used are duplicates makes this a successful and very profitable strategy for cybercriminals.

How can you protect your business?

The vulnerabilities mentioned above have one thing in common: they all use single-factor authentication (SFA). SFA is a process to gain access to a specific system using only a single category of credentials, the most common being a password-based authentication.

Companies are taking steps to prevent cyberattacks by prohibiting the use of weak passwords, providing adequate training about phishing, and blocking authentication processes using legacy protocols. But one of the best forms of protection is multifactor authentication (MFA).

What is MFA?

MFA is a security feature that requires a user to present two or more pieces of evidence when logging in to your company's network. This evidence usually falls into three categories: something you know (like your password), something you have (a mobile phone), and something unique to yourself (such as your fingerprint or retina).

Here's an example: Let's say a user is logging in to your company's network and MFA is turned on. What usually happens is that the user first provides a username and password. The next step is using an authenticator app that will give that user a one-time code, and the final step is for the user to provide a thumbprint to complete the authentication process.
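The first two steps of that login, as an added example that is not part of the original article: a server-side check that requires both the password and a time-based one-time code of the kind an authenticator app generates (RFC 6238). The account record layout, the function names and the sample password are assumptions made for illustration; the key is the public RFC 4226 test key.

```python
import hashlib, hmac, os, struct

STEP = 30  # seconds per one-time-code window

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time code; TOTP (RFC 6238) uses counter = unix_time // STEP."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_user(password: str, totp_key: bytes) -> dict:
    """Constructed account record (hypothetical layout)."""
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": _pw_hash(password, salt),
            "totp_key": totp_key, "last_step": -1}

def login(user: dict, password: str, code: str, now: float) -> bool:
    """Both factors must pass, and each accepted code is usable only once."""
    pw_ok = hmac.compare_digest(_pw_hash(password, user["salt"]), user["pw_hash"])
    current = int(now) // STEP
    matched = None
    for step in (current - 1, current, current + 1):  # tolerate clock drift
        if step <= user["last_step"]:
            continue  # window already used (or before time zero)
        expected = hotp(user["totp_key"], step).encode()
        if hmac.compare_digest(expected, code.encode()):
            matched = step
    if pw_ok and matched is not None:
        user["last_step"] = matched  # block replay of this code
        return True
    return False

if __name__ == "__main__":
    alice = make_user("correct horse", b"12345678901234567890")  # RFC 4226 test key
    good = hotp(alice["totp_key"], 59 // STEP)
    print(login(alice, "correct horse", "000000", 59))  # stolen password, no valid code
    print(login(alice, "correct horse", good, 59))      # both factors present
    print(login(alice, "correct horse", good, 59))      # same code replayed
```

A password obtained from a breach dump fails on its own here, and a captured code stops working as soon as it has been accepted once.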

How can MFA protect you?

Unlike the widely used single-factor authentication process, MFA can effectively stop 99.9% of all automated attacks. This is because cybercriminals trying to hack your network need to provide additional information and credentials. A hacker can use a phishing attack to acquire a user's credentials, but getting a fingerprint is next to impossible.

By using MFA, you can protect your business from the most common types of cyberattacks such as:

  • Phishing – This is the most common form of cyberattack where hackers deliver an email that sends users to a fake site that gets them to provide their credentials.
  • Spear phishing – Similar to phishing, but this type of attack targets an individual rather than a large group of people.
  • Credential stuffing – Credential stuffing takes advantage of people who use the same username and password across multiple sites, using those credentials to access various sites and apps.
  • Keylogging – Keyloggers are programs installed by a hacker to capture a user's activity. This includes keystrokes on the keyboard, personal credentials, security questions, sites visited, and more.
  • Man-in-the-middle attacks – This is where a hacker tries to steal data by intercepting the communication between a user and a website or app. If the attack is successful, the hacker can then steal important information such as login credentials, credit card information, and email messages.

MFA can't stop all attacks, but the extra layer of protection it provides is effective against most attempts to breach your system. F1 Solutions Inc. will help maximize your organization's network security to ensure your data is safe and secure 24/7. Give us a call today to learn how we can assist you with your network security needs.
