-Brittney Liburd, Senior Manager, Product Marketing
In our May 30, 2021 blog, Why Organizations Need to Eliminate Passwords – Once and For All, we talked about how passwords have become a gateway to security risks. A few successful cyber breaches stand out on this front.
In early 2020, attackers who had gained access to SolarWinds' software build system embedded malicious code into the company's "Orion" product. The trojanized updates, which SolarWinds released without knowing they were compromised, delivered a backdoor to thousands of Orion customers, including the U.S. Treasury Department and other federal agencies. The alleged initial foothold? In 2017, a SolarWinds intern had set the password of an internal server account to "solarwinds123", and that password was later exposed on the public internet.
Recently, both Microsoft and Okta confirmed that LAPSUS$, an extortion-focused hacking crew, had gained access to their systems. Once again, compromised credentials were flagged. A Microsoft spokesperson indicated that the breach was facilitated by a single compromised account; in Okta's case, the access came through an engineer at a third-party customer support provider. LAPSUS$, which first emerged in July 2021, has since targeted a wealth of companies, including Impresa, Brazil's Ministry of Health, Claro, Embratel, NVIDIA, Samsung, Mercado Libre, Vodafone, and most recently Ubisoft.
The group's tactics are fairly standard: phone-based social engineering and SIM-swapping to take over accounts, access to the personal email accounts of employees at target organizations, and even bribing employees, suppliers, or business partners for access. There are also reports that the group used "MFA bombing" (also called prompt bombing or push fatigue), in which an attacker who already holds a victim's password triggers push-approval prompts over and over until the user taps "Approve" just to make them stop. Combined with SIM-swapping, which lets an attacker receive one-time passcodes sent by SMS, this defeats the weaker legacy forms of MFA.
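The push-fatigue pattern described above leaves a distinctive trace in authentication logs: a burst of push prompts for one user, mostly denied or ignored, followed by an approval. The detector below is an added example written for this page, not authID's or any vendor's code; it assumes a hypothetical log format of `<timestamp> user=<name> event=push_<sent|denied|timeout|approved> src=<ip>`, and the sample log lines are constructed for the example.

```python
"""Detect MFA prompt bombing ("push fatigue") in push-authentication logs.

Added example, not vendor code. Assumed (hypothetical) log format:
  <ISO-8601 UTC timestamp> user=<name> event=push_<sent|denied|timeout|approved> src=<ip>
Rule: a user who receives PROMPT_THRESHOLD or more push prompts inside WINDOW
is being bombed; if the user then approves a prompt while the burst is still
inside the window, that approval is treated as a likely fatigue approval.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

PROMPT_THRESHOLD = 5          # prompts inside WINDOW that count as a burst
WINDOW = timedelta(minutes=10)

# Constructed sample log: alice is bombed and gives in, bob is a normal login,
# carol is bombed but never approves.
SAMPLE_LOG = """\
2022-03-21T02:11:03Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:11:40Z user=alice event=push_denied src=203.0.113.7
2022-03-21T02:12:15Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:12:50Z user=alice event=push_denied src=203.0.113.7
2022-03-21T02:13:30Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:14:02Z user=alice event=push_denied src=203.0.113.7
2022-03-21T02:15:10Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:15:45Z user=alice event=push_denied src=203.0.113.7
2022-03-21T02:17:00Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:18:30Z user=alice event=push_sent src=203.0.113.7
2022-03-21T02:18:55Z user=alice event=push_approved src=203.0.113.7
2022-03-21T09:02:10Z user=bob event=push_sent src=198.51.100.20
2022-03-21T09:02:25Z user=bob event=push_approved src=198.51.100.20
2022-03-21T23:40:00Z user=carol event=push_sent src=198.51.100.77
2022-03-21T23:40:30Z user=carol event=push_denied src=198.51.100.77
2022-03-21T23:41:10Z user=carol event=push_sent src=198.51.100.77
2022-03-21T23:41:40Z user=carol event=push_denied src=198.51.100.77
2022-03-21T23:42:20Z user=carol event=push_sent src=198.51.100.77
2022-03-21T23:43:00Z user=carol event=push_timeout src=198.51.100.77
2022-03-21T23:44:05Z user=carol event=push_sent src=198.51.100.77
2022-03-21T23:44:40Z user=carol event=push_denied src=198.51.100.77
2022-03-21T23:45:30Z user=carol event=push_sent src=198.51.100.77
2022-03-21T23:46:00Z user=carol event=push_denied src=198.51.100.77
"""


def parse_line(line):
    """Turn one log line into a dict with a datetime timestamp."""
    ts_str, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return {
        "ts": datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ"),
        "user": kv["user"],
        "event": kv["event"],
        "src": kv.get("src", "?"),
    }


def detect_push_fatigue(lines, threshold=PROMPT_THRESHOLD, window=WINDOW):
    """Return one alert dict per (user, burst); 'approved' is True when the
    user accepted a prompt while the burst was still inside the window."""
    records = sorted((parse_line(l) for l in lines if l.strip()), key=lambda r: r["ts"])
    sent = defaultdict(deque)     # user -> timestamps of push_sent inside window
    sources = defaultdict(set)    # user -> source IPs that triggered those prompts
    open_alert = {}               # user -> alert dict for the burst in progress
    alerts = []
    for rec in records:
        user, q = rec["user"], sent[rec["user"]]
        while q and rec["ts"] - q[0] > window:   # drop prompts that aged out
            q.popleft()
        if not q:                                # window drained: burst is over
            open_alert.pop(user, None)
            sources[user].clear()
        if rec["event"] == "push_sent":
            q.append(rec["ts"])
            sources[user].add(rec["src"])
            if len(q) >= threshold and user not in open_alert:
                alert = {"user": user, "first_prompt": q[0], "prompts": len(q),
                         "approved": False, "sources": sorted(sources[user])}
                open_alert[user] = alert
                alerts.append(alert)
            elif user in open_alert:
                open_alert[user]["prompts"] = len(q)
        elif rec["event"] == "push_approved" and user in open_alert:
            open_alert[user]["approved"] = True
            open_alert[user]["approved_at"] = rec["ts"]
    return alerts


if __name__ == "__main__":
    for a in detect_push_fatigue(SAMPLE_LOG.splitlines()):
        severity = "HIGH (approved after bombing)" if a["approved"] else "MEDIUM (bombing, not approved)"
        print(f"{a['user']}: {a['prompts']} prompts from {a['sources']} since {a['first_prompt']} -> {severity}")
```

An approval that follows a burst is the case to page on, since it means the attacker now holds a session; a burst with no approval still tells you that the user's password is already in the attacker's hands and should be rotated. The detection is a stopgap: the fix is to stop accepting a bare tap as a second factor (number matching, or an authentication method that is not phishable at all).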
It's time for corporate security teams to take notice. To limit the impact of a third-party breach on your organization, take these five easy steps:
As geopolitical tensions increase, attacks on infrastructure and private entities are expected to increase with them. Passwords are the easiest way to break in, and password resets that rely on standard MFA approaches are vulnerable too: cybercriminals can reroute or intercept one-time SMS passcodes and can answer challenge questions built on personally identifiable information (PII) that is easy to look up.
Once an organization's network is compromised, whether directly or through a third party, the potential damage is not limited to the company itself; it extends to its customers, employees, and assets.
With authID's Verified™ solution, organizations can remove passwords, and the risk that comes with them, from the internal MFA workflow by using cloud-based facial biometric authentication with anti-spoofing "liveness confirmation" that verifies the true account owner seamlessly. This AI-powered technology is designed to deliver bias-free identity certainty by authenticating the user, not just the device. The result is a more secure, user-friendly authentication experience. Verified™ is device agnostic, provides secure message delivery, and allows for self-service account recovery using biometrics.
Want to learn more? Contact authID.ai today at 1 (516) 778-5639 or click here to schedule a demo.