The landscape of cyber security for UK small to medium businesses is continually changing.

Is MFA enough?

In the ever-evolving world of cybersecurity, Multi-Factor Authentication (MFA) has long been hailed as the frontline defender against malicious access to accounts.

While the significance of MFA remains undeniable, the landscape is shifting, revealing that relying solely on MFA might not provide the comprehensive protection businesses need in the face of sophisticated threats. Only recently did Uber suffer from an attack method called MFA Fatigue. Where user credentials were stolen, and the attackers repeatedly sent requests for access via push notification.

Adapting to a shifting cyber security landscape.

With rapid technological advancement, cyber threats are becoming increasingly sophisticated, demanding a proactive and comprehensive approach to security. Multi-factor authentication (MFA) has been a cornerstone of the defence, requiring users to provide multiple forms of verification –typically a password and a unique code – before gaining access to their accounts. This additional layer of protection has thwarted countless attempts at unauthorised access. We understand that it’s imperative to recognise that the battlefield of cybersecurity is ever-changing, and strategies must evolve accordingly.

The Power of Multi-Factor Authentication.

MFA has been a game-changer, adding an extra layer of security by requiring users to provide multiple forms of verification before granting access to their accounts. This approach has been a key deterrent against unauthorised access and has proven effective in safeguarding sensitive data. But as the saying goes, change is the only constant, and the realm of cybersecurity is no exception.

“The Cyber Breaches Survey 2023 reported that of the 48% of UK businesses who identified an attack, the most common threat vector was phishing attempts (79%).”

National Cyber Security Centre Cyber threat report

A dynamic challenge: Phishing’s evolution

The evolution of phishing attacks has given rise to a new breed of threat, where cyber criminals employ sophisticated techniques to deceive users. No longer reliant on obvious links, attackers craft emails that lead to legitimate sign-in pages. Unbeknownst to users, these pages surreptitiously transmit their credentials to genuine applications. Even with MFA in place, this new approach renders users vulnerable.

A glimpse into Adversary-in-the-Middle (AiTM) attacks.

Enter Adversary-in-The-Middle (AiTM) attacks – a crafty approach where cyber criminals exploit vulnerabilities to bypass MFA through phishing. While not a new concept, AiTM attacks have matured in complexity over the years, posing a significant threat to businesses of all sizes.

The attacker’s stealthy dance

1

An innocuous phishing email lands in your inbox.
2
Curiosity piqued, you click on the link, which transports you to the attacker’s expertly replicated website.
3

The attacker’s site covertly forwards your sign-in request to the actual site for authentication.
4

The legitimate sign-in triggers the MFA prompt, which you complete on the attacker’s site, unknowingly granting them access.
5
Before you realise it, the attacker has infiltrated your account, all without your knowledge.
6
This can lead to the attacker spoofing an email from you to a client about monies owed or change of company bank details.

Looking beyond MFA: Exploring solutions.

As MFA faces new challenges, it’s crucial to consider alternative strategies that align with the evolving threat landscape. Microsoft’s Password-less Credentials present an innovative approach, harnessing biometric data and authentication apps to grant secure access. While this approach might necessitate a shift in user habits, the added security layer can be invaluable.

Another avenue to explore is Trusted Devices, where conditional access rules restrict access attempts to trusted devices only. This not only reduces the attack surface but also fortifies security by focusing on devices with a proven track record.

Collaborating with managed cyber security experts, like us, adds a layer of comprehensive protection. Managed cyber security solutions provide not only advanced security technologies but also real-time monitoring and proactive alerting. A proactive approach enables early detection of malicious activities, safeguarding your business against potential threats.

As UK organisations navigate the shifting tides of cyber security, the key takeaway is that while MFA remains a vital component, it’s no longer a standalone solution – it demands adaptable strategies that stay one step ahead of cunning adversaries.

“91% of all cyberattacks begin with email, as hackers attempt to manipulate or coerce others into disclosing sensitive data.”

Deloitte 2020 press release

Strengthening infrastructure defences: MFA and comprehensive cyber security policies.

While the vulnerabilities posed by evolving cyber threats are undeniable, proactive measures can significantly fortify your organisation’s defences. Implementing Multi-Factor Authentication (MFA) isn’t a standalone solution; it’s the cornerstone of a broader cyber security strategy. The key is to marry MFA with comprehensive cyber security policies and more proactive application and network conditional access controls that encompass a range of proactive measures.

Establishing a robust cyber security framework

MFA is most effective when embedded within a comprehensive cybersecurity framework. This involves a proactive approach to threat detection, incident response, data protection, and user education. By setting clear policies, guidelines, and best practices, you establish a culture of security awareness across your organisation. We strongly urge all our clients to turn on MFA for all users as the first step to stronger cyber defences.

Educating users

Your employees and users are your first line of defence. Educating them about the evolving threat landscape, the tactics employed by cybercriminals, and the importance of adhering to security protocols is essential. Conduct regular training sessions, workshops, and awareness campaigns to empower your workforce to identify and thwart potential threats. If you are one of our Managed Service clients, we offer FREE monthly cyber security awareness training to keep your users up to date with the latest techniques to keep their data and work safe.

Implementing endpoint security

Beyond MFA, endpoint security plays a critical role in safeguarding your organisation’s digital environment and business-critical data. The proliferation of remote work and mobile devices has expanded the attack surface for most organisations. We offer robust endpoint security solutions that can actively monitor devices for potential vulnerabilities and swiftly respond to suspicious activities – reducing the risk of breaches.

Taking the next step to reducing your vulnerabilities.

While understanding the importance of MFA and cybersecurity policies is vital, partnering with experts in the field can make all the difference. As your trusted IT managed service provider, we stand ready to guide you through the complex landscape of modern cyber security.

Enhanced endpoint security and alerts

We offer Managed Endpoint Security solutions designed to mitigate the risks associated with AiTM attacks and phishing threats. Our innovative technologies actively monitor your network, identifying and neutralising potential threats before they impact your operations. Real-time alerts ensure you’re promptly informed about any suspicious activities, enabling you to take swift action.

Expert guidance and advanced security solutions

Every organisation is unique, and that’s why we take a fresh approach to cyber security. Our team of dedicated experts will assess your organisation’s specific needs and challenges – devising focused strategies that align with your goals. We believe that cyber security should be a journey, and we’re committed to walking this journey with you.

Conclusion

The landscape of cyber security has transformed, necessitating a dynamic and multi-faceted approach. While enforcing MFA on all your users remains a foundational element, it must be complemented by comprehensive cyber security policies, robust endpoint security, and a vigilant workforce.

Don’t navigate this landscape alone – seek help and guidance from a trusted source/partner to fortify your organisation’s defences and proactively stay ahead of evolving threats. Feel empowered to reach out to IT Champion today. Together, we’ll craft a cyber security strategy that not only protects your organisation but also propels it forward in an era of digital advancement.

Additional reading

The following links are some additional reports, articles, and industry pages about the subject of protecting against phishing attacks, MFA, and endpoint security with conditional access.

How to protect against an adversary in the middle and phishing attacks: Protect Against AITM, MFA, Phishing Attacks Using Microsoft Technology
Microsoft password-less credentials: Microsoft Authentication – Passwordless
Conditional access and trusted devices: Conditional Access with Trusted Devices
Multi-factor authentication is now not enough for good cyber resilience: Multi-Factor Authentication Not Enough for Cyber Resilience
Multi-factor authentication (MFA) failures show there’s no shortcut to cyber resilience (Guest blog by CDS): CDS Guest Blog on MFA and Cyber Resilience
Mobile device management: Mobile Device Management by IT Champion
Managed Endpoint Security: Managed Endpoint Security by IT Champion