Quick News Bit

Why you really need multi-factor authentication: These ransomware hackers gave up when they saw it

0
hands-at-a-green-lit-up-keyboard.jpg

Image: Getty

A ransomware attack was prevented just because the intended victim was using multi-factor authentication (MFA) and the attackers decided it wasn’t worth the effort to attempt to bypass it. 

It’s often said that using MFA, also known as two-factor authentication (2FA), is one of the best things you can do to help protect your accounts and computer networks from cyberattacks because it creates an effective barrier – and now Europol has seen this in action while investigating ransomware gangs.  

“We’ve done investigations where ransomware criminals were monitored. In certain investigations, we saw them trying to access companies – but as soon as they would hit two-factor authentication in this process, they would immediately drop this victim and go to the next,” said Marijn Schuurbiers, head of operations at Europol’s European Cybercrime Centre (EC3), speaking about an undisclosed incident the agency investigated.  

SEE: Ransomware: Why it’s still a big threat, and where the gangs are going next

It demonstrates how useful MFA can be in preventing ransomware and other cyberattacks. Even if the attacker has the legitimate password for the account – either because it’s been guessed or it’s been stolen – using MFA usually prevents them from being able to log in.  

An unexpected alert from an MFA authenticator app can also notify the intended victim that something is wrong and should be investigated, which can also help to prevent further attacks and incidents. 

Not only can cyber criminals exploit hacked accounts to gain initial access to the network and install ransomware, the access they gain can also be used as part of double-extortion attacks, where criminals steal information before encrypting it, with threats to publish the data if a ransom isn’t received. 

However, if attackers can’t access that data due to the use of MFA, they can’t attempt to exploit it for extortion. 

“This is really crucial information that companies can use for their counter strategies. Know that if you implement two-factor authentication for your systems in general – or maybe specifically, your crown jewels – you will significantly reduce your chances of falling victim to a ransomware group, which uses double extortion,” said Schuurbiers, who was speaking at the sixth anniversary of No More Ransom. 

No More Ransom is an initiative by Europol, additional law enforcement agencies, cybersecurity companies, academia and others that provides victims of ransomware attacks with decryption keys for free. So far, the scheme has helped 1.5 million people get their files back without paying ransomware gangs.

Implementing 2FA is one of several recommendations Europol recommends to help prevent ransomware attacks. Others include regularly backing up data on devices, so it can be recovered without paying a ransom in the event of an attack encrypting files, as well as ensuring that security software and operating systems are up to date with the latest security patches.

MORE ON CYBERSECURITY

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment