Though collaboration software such as Office 365, Slack, and Elevate, provide a variety of ways to communicate, email remains the most widely used tool for business communications. In 2021, the total number of business and consumer emails sent and received exceeded 319 billion. For cybercriminals, emails serve as entry point #1 into businesses, school systems, and healthcare, and government agencies. Ninety percent of all successful ransomware and malware attacks breach organizations through their email. What security measures do you have in place to protect your business from these attacks?
Multifactor Authentication (MFA)
Among all the tools in your security toolbox, Multifactor Authentication (MFA) is one of the most successful measures to reduce harmful email hacks and intrusions. According to Alex Weinert, Microsoft’s Group Program Manager for Identity Security and Protection, “…your [email] account is 99.9% less likely to be compromised if you use MFA." .
1“Email Statistics Report, 2021-2025” The Radicati Group, Inc., February 2021. www.radicati.com%2Fwp%2Fwp-content%2Fuploads%2F2021%2FEmail_Statistics_Report%2C_2021-2025_Executive_Summary.pdf&clen=146512&chunk=true.
2“10 Facts About Ransomware in 2021 That Businesses Need to Know.” March 23, 2021. https://www.graphus.ai/blog/10-facts-about-ransomware-in-2021-that-businesses-need-to-know/
3ZDNet. Weinert, Alex, August 26, 2019. https://www.zdnet.com/article/microsoft-using-multi-factor-authentication-blocks-99-9-of-account-hacks/#:~:text=%22Based%20on%20our%20studies%2C%20your,Security%20and%20Protection%20at%20Microsoft.
MFA enables stronger authentication of your identity, requiring multiple identification steps to reduce the
Your mother’s family name spelled with numbers and letters. Your child’s birthday. Your name spelled backwards with exclamation points!! The company name and your initials…these are too common examples of passwords frequently used to “protect” entry into your system. R3A11y!
risks of compromised passwords, which hackers look for to exploit. MFA requires two or more independent pieces of information to verify a user’s identity when they attempt to log into your network or access data. Examples include a private, randomly chosen password, a fingerprint, a facial recognition app on an employee’s device; and most commonly, a hardware token sent to an employee’s smart device Multifactor authentication works particularly well with Office 365 and G Suite – but should be implemented by all businesses regardless of their primary communication and collaboration tool.
Sizing today’s Cybersecurity Threat
Cybercrime is steadily increasing year over year, and one cybersecurity attack happens every 39 seconds. However, recent events in Eastern Europe have accelerated cyberattacks against U.S. public and private sector entities. On March 31, 2022, CISA and the FBI issued a Cybersecurity Advisory (CSA) to U.S. businesses regarding Russian state-sponsored malicious cyber activity.
Multifactor Authentication Best Practices and Mitigation
If you have not implemented MFA, now is the time. CISA recommends that you review the default configurations for multifactor authentication to reduce the ability of sophisticated cyberattacks to breach your security system and access sensitive data, intellectual property, employee information and customer account information. Internal communication plans and employee security training will help decrease the chances of human error and further bolster your organization’s security.
The following actions are recommended by CISA and the FBI:
- Enforce MFA for all users, without exception. Before implementing, organizations should review configuration policies to protect against “fail open” and re-enrollment scenarios.
- Implement time-out and lock-out features in response to repeated failed login attempts.
- Disable inactive accounts uniformly across the Active Directory, MFA systems, and other software services in your IT environment.
- Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. Prioritize patching known exploited vulnerabilities, especially critical and high vulnerabilities that allow for remote code execution or denial-of-service on internet-facing equipment.
- Require all accounts to have strong, unique passwords that cannot be reused across multiple accounts or stored on an unprotected system that is easy to access.
- Continuously monitor network logs for suspicious activity and unauthorized or unusual login attempts.
- Implement security alerting policies for all changes to security-enabled accounts/groups, and alert on suspicious process creation events (ntdsutil, rar, regedit, and more).
To learn more, visit www.CISA.gov. For assistance with assessing your current IT defenses, and cybersecurity strategy, contact The ARCO Group, a leading provider of Cybersecurity and Compliance reporting solutions. for small and medium sized businesses. Currently, The ARCO Group is offering a free Cyber Security IT Assessment. For more information or to sign up for an IT Assessment, contact us today!