Multi-factor authentication (MFA) has become table stakes for both enterprise and consumer security, but it’s not the perfect solution.
MFA adds a layer of security by requiring a user to verify their identity through a second log-in mechanism. A typical example would be using your mobile banking app to confirm your identity when attempting to sign in with your browser, or a webmail provider like Gmail sending you a code via SMS to your smartphone to verify that it’s you who’s trying to log in or make changes to your account.
But adding this extra layer doesn’t make for foolproof security.
MFA can lead to complacency
Because so many business applications and digital services for consumers come with MFA built in, organizations may begin to believe that they don’t need additional security, and it’s easier for users to forget other security best practices.
Not all MFA solutions are created equal, either; some are still vulnerable to social engineering such as phishing attacks. Businesses need to look at MFA as more than a box they tick off to satisfy compliance and cyber insurance obligations, and have a clear understanding of what MFA can protect and where it can fail.
Common MFA pitfalls
Hackers can get around MFA by exploiting centralization and session cookies. While passkeys can make MFA phishing-resistant, their centralized nature can become a vector for hackers, because synced passkeys are replicated to every device the user logs into. Even though passkeys use public key cryptography, hackers can circumvent this centralization through a vulnerable second-factor authenticator or through the passkey’s dependence on the security of the platform that syncs it.
Session cookies stored on a user’s device after authentication are also vulnerable, because they allow the user to access resources without re-authenticating each time. Hackers capture those session cookies to gain access to the user’s account without needing to go through MFA, in what is called an adversary-in-the-middle (AiTM) attack.
The problem with MFA is that although it is phishing-resistant, it is not phishing-proof, because of AiTM attacks and because many deployments rely on other phishable factors such as SMS codes, one-time passwords (OTPs) or other secondary authentication methods. Lost devices can compound the problem. Every stage of the authentication life cycle opens opportunities for hackers if the second factor is vulnerable.
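One defensive check that follows from the session-cookie weakness described above: a stolen cookie is usually replayed from a client that differs from the one that completed MFA. The example below (added here, not code from the original article) parses a few constructed, key=value-style access-log lines and flags any session id that is presented from a different IP address and user agent shortly after its first use.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample log lines (not real traffic). Each records one request that
# presented a session cookie: timestamp, session id, source IP and user agent.
# Session s1 behaves normally; s2 reappears from a new client minutes later.
SAMPLE_LOG = """\
2024-01-15T09:00:01Z sid=s1 ip=203.0.113.10 ua=Firefox/121
2024-01-15T09:05:30Z sid=s1 ip=203.0.113.10 ua=Firefox/121
2024-01-15T09:10:00Z sid=s2 ip=203.0.113.25 ua=Chrome/120
2024-01-15T09:12:45Z sid=s2 ip=198.51.100.7 ua=curl/8.4
2024-01-15T09:20:00Z sid=s2 ip=198.51.100.7 ua=curl/8.4
"""


@dataclass(frozen=True)
class SessionEvent:
    ts: datetime
    sid: str
    ip: str
    ua: str


def parse_log(text: str) -> list[SessionEvent]:
    """Parse the constructed 'timestamp key=value ...' line format into events."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        events.append(SessionEvent(ts, kv["sid"], kv["ip"], kv["ua"]))
    return events


def detect_session_reuse(events, window=timedelta(hours=1)):
    """Return (sid, first_client, new_client) once per session whose cookie is
    presented from a different (ip, ua) pair within `window` of its first use.
    A client jump this soon after authentication is a common sign of a replayed
    cookie and is worth a forced re-authentication or an analyst review."""
    first_seen, alerted, alerts = {}, set(), []
    for ev in sorted(events, key=lambda e: e.ts):
        origin = first_seen.setdefault(ev.sid, ev)
        client, first_client = (ev.ip, ev.ua), (origin.ip, origin.ua)
        if client != first_client and ev.ts - origin.ts <= window and ev.sid not in alerted:
            alerted.add(ev.sid)
            alerts.append((ev.sid, first_client, client))
    return alerts


if __name__ == "__main__":
    for sid, old, new in detect_session_reuse(parse_log(SAMPLE_LOG)):
        print(f"session {sid}: cookie first used by {old}, later presented by {new}")
```

Legitimate clients also change IP (mobile networks, VPNs), so treat a hit as a triage signal that should trigger step-up authentication rather than an automatic lockout.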
Going forward, MFA and passwords need to be bolstered by embracing a Zero Trust approach to security, reducing the opportunities for human error and phishing. Most of all, organizations must remember that MFA isn’t flawless, and it doesn’t negate the need for other security tools and best practices around access management.
There are many ways artificial intelligence (AI) and machine learning already impact cybersecurity. You can expect that trend to continue in 2024, both as a tool for data protection and as a threat.
Balancing Cybersecurity Innovation Amid Evolving Threat Landscapes
Even as you implement AI and machine learning in your cybersecurity strategy through the adoption of tools like Security Orchestration, Automation, and Response (SOAR), Security Information and Event Management (SIEM) and Managed Detection and Response (MDR), so do threat actors. They will continue to update and evolve their own methodologies and tools to compromise their targets by applying AI and machine learning to how they use ransomware, malware and deepfakes.
With small and medium-sized businesses just as much at risk as their large enterprise counterparts, SMBs must take advantage of AI and machine learning as much as possible. AI-directed attacks are expected to rise in 2024 in the form of deepfake technologies that make phishing and impersonation more effective, as well as evolving ransomware and malware.
Deepfake social engineering techniques
Deepfake technologies that leverage AI are especially worrisome, as they can create fake content that spurs employees and organizations to work against their best interests. Hackers can use deepfakes to create massive changes with serious financial consequences, including altering stock prices.
Deepfake social engineering techniques will only improve with the use of AI, increasing the likelihood of data breaches through unauthorized access to systems and through more authentic-looking phishing messages that are more personalized and, hence, more effective.
Countering Cyber Threats and Harnessing Innovation in 2024
If hackers are keen on leveraging AI and machine learning to defeat your cybersecurity, you must be ready to combat them in equal measure. Just as AI and machine learning will create new challenges in 2024, they can also help you bolster your cybersecurity. While regulations are being developed to foster ethical use of AI, threat actors are not likely to follow them.
AI will also affect your cyber insurance as your providers will use it to assess your resilience against cyberattacks and adjust your premium payments accordingly. AI presents an opportunity for you to improve your cybersecurity to keep those insurance costs under control.
Conclusion
There’s a lot of doom being predicted around the growing use of AI and machine learning. And while it does pose a risk to your organization and its sensitive data, you can use it to bolster your cybersecurity even as threat actors leverage AI to up the ante. A managed service provider with a focus on security can help you use AI and machine learning to protect your organization as we head into 2024.