The recent hack on the HSE’s database of patient information has prompted many to review their own data security practices. While it is impossible to have a completely secure database, there are many steps organisations should take to drastically improve their odds in the fight against gangs of data thieves. According to data security experts, the HSE breach was an ‘accident waiting to happen’, and there is little doubt that many databases are just as susceptible. No system is 100% secure. Nonetheless, there are important lines of defence all organisations should have built into their day-to-day security protocols, procedures, training and toolkits.
The most important line of defence an organisation has against cyber-attacks is their staff, so training on correct security procedures should always be the priority. However, employees will need to have certain tools at their disposal in order to play their part in keeping gigabytes of personal information out of the hands of extortionists and hackers.
This article will focus on one specific, but crucial, cyber security tool - Multifactor Authentication (MFA).
Typically, when a user logs in to an application or site, they simply input their username and password and are then granted access to the application, database, or admin area of a website. As the name suggests, MFA is an additional ‘factor’ of authentication on top of the password. It gives assurance that the person presenting the password is its legitimate owner.
The additional layer of MFA can be implemented using an authentication application, entering a code received by SMS or email, scanning a fingerprint, and so on. This additional step is becoming more commonly used, especially in the corporate world, with security breaches on the rise as we can see from the current situation with the HSE. The risk has never been greater and the reward for the hackers has never been higher. As of 2020 it is estimated the MFA market is valued at 10.64 billion, with a projected value of 28.34 billion by 2026. This illustrates the rapid movement of companies to MFA and the industry-wide importance of additional user security layers at relatively little cost to the company.
What is Multi-Factor authentication?
Multi-Factor Authentication is an authentication method that prompts users in additional ways to prove they are the user they are attempting to log in as. This would be an additional piece of information, as mentioned above: for example, a code sent to your email address that must be entered into the site/app before access is granted. MFA requires a minimum of two authentication steps, so it is also known as 2FA or 2-Factor Authentication, and it is a fundamental component of identity and access management (IAM) policy. This decreases the likelihood of a successful cyber-attack.
Common MFA Examples
Multi-Factor Authentication can be built from many different elements; some of the main implementation methods are visualized below.
For effective MFA you would be required to use a combination of at least 2 of the elements from the figure above.
Knowledge would be the standard procedure such as passwords, PIN codes or a passphrase that allows access to the account. This is seen as something the user knows in order to access the account.
Possession would be another device such as a mobile device, tablet or FOB. This is commonly the MFA as we know it: you input your password and follow up with an authentication code sent to your phone or email, or generated by a FOB device, which is usually time-limited. It would be easier for an attacker to steal, but it would also only be one part of the puzzle.
Inherence would be the latest form of MFA and can be a fingerprint scan or face scan on your device. For an attacker this would be extremely difficult to compromise, but it is not unbreakable. There are a lot of possibilities that can be used across the 3 categories. The question of which to implement would depend on the IT security team's evaluation of their needs and budget.
Why is MFA Important?
The recent HSE ransomware attack has caused massive disruption to the HSE, as its entire set of procedures and systems has been affected. Whilst the exact details of this attack are yet to be uncovered, having up-to-date security systems and the latest technology may all be in vain if we are not implementing the appropriate user security policies and educating the users of our systems. Should a user have one security factor compromised, such as their password, the chances of an additional factor also being compromised are extremely low. This also gives the security team time to react should a breach occur in one of the factors of authentication, removing the threat to the account, the network and databases. It is critical to ensure you are using the right MFA methods that suit your organisation and its needs. It is important to note that SMS messages are not encrypted, and although they might not be easily accessed, they are still a higher risk than an encrypted application used to receive or generate a code. Security questions should also be evaluated: can the name of your employee’s first dog, or the street they grew up on, be found through their social media accounts, personal blogs or LinkedIn account?
Why use 2FA?
In the grand scheme of IT projects, implementing MFA is a relatively small piece of work, and since the security of your systems is of paramount importance it really is an easy choice. It is not costly relative to the benefit gained from using MFA within your systems to heighten user security. From a hacker's perspective, attacks on password-only logins are generally low-risk and high-reward. These breaches can come from methods like pharming, keylogging and phishing, with little to no manual labour involved from the attacker's perspective.
- Pharming is a cyberattack intended to redirect a website's visitors to a duplicate, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS (Domain Name System) servers are responsible for connecting your domain name (www.ExampleDomainName.com) to the IP addresses – numbers which computers and servers can read.
- Keylogging is when the keys struck on a keyboard are recorded. The person using the keyboard is usually unaware that their actions are being monitored. The data can then be retrieved by the hacker operating the logging program.
- Phishing is a cyberattack in which targets are contacted by email, telephone or text message by someone posing as a legitimate institution to trick individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.
An additional layer of user authentication can mitigate the risk of any of these attacks breaching a database.
The rise in cyber-attacks has been exponential in recent years, and 2020, even during a global pandemic, saw a rise of 485% in comparison to 2019. This shows that the threat is not going away; instead, focus should be geared towards our resilience in carrying out preventative measures and heightening our systems and user security. Employees will also not need as much training as one would expect, as 1.9 billion individuals across the globe use online banking, and online banking uses Multi-Factor Authentication for its applications and websites. More than likely your employees will have used this on a website in their personal lives at some point. This can also make your employees feel more valued, as they feel protected by their employer.
What can pTools offer?
pTools is offering a two-step authentication process on our Content Management System with whom we deem to be the market leaders in MFA, Google and Microsoft. MFA is implemented using the two authenticator applications created by Google and Microsoft respectively; you will have the choice between Google Authenticator and Microsoft Authenticator. Once enabled on your CMS you will have 3 log-in inputs: your username, your password and the code from your selected authenticator application. To receive your authentication code, you are required to log into the application on your trusted device, and this is usually a second device such as your mobile or tablet. To find out more about 2-Factor Authentication on your pTools CMS, please reach out to firstname.lastname@example.org, who will be able to assist with any queries.
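As an added illustration of how the code from an authenticator app is produced and then checked as the third login input, here is example code that is not part of the pTools CMS or of this article. It implements the standard time-based one-time password algorithm (TOTP, RFC 6238, built on HOTP, RFC 4226) that Google Authenticator and Microsoft Authenticator use with their default settings; the function and class names, the example account and issuer strings, and the embedded test secret (the RFC's own test key) are assumptions chosen for this example.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional
from urllib.parse import quote

STEP = 30    # seconds per time step (authenticator-app default)
DIGITS = 6   # code length (authenticator-app default)


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    msg = struct.pack(">Q", counter)
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                       # low nibble of the last byte picks the window
    binary = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, int(at) // step, digits)


def new_base32_secret(nbytes: int = 20) -> str:
    """Generate a fresh shared secret in the base32 form authenticator apps expect."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode("ascii")


def provisioning_uri(base32_secret: str, account: str, issuer: str) -> str:
    """Build the otpauth:// URI that enrolment QR codes encode (hypothetical account/issuer)."""
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={base32_secret}"
            f"&issuer={quote(issuer)}&algorithm=SHA1&digits={DIGITS}&period={STEP}")


class TotpVerifier:
    """Server-side check of the code typed in as the third login input."""

    def __init__(self, base32_secret: str, window: int = 1):
        s = base32_secret.strip().replace(" ", "").upper()
        self.secret = base64.b32decode(s + "=" * (-len(s) % 8))  # restore any stripped padding
        self.window = window          # accept +/- this many steps of clock drift
        self.last_counter = -1        # highest time step already accepted (replay guard)

    def verify(self, code: str, now: Optional[float] = None) -> bool:
        # Reject malformed input before doing any comparison.
        if not (code.isascii() and code.isdigit() and len(code) == DIGITS):
            return False
        counter = int(time.time() if now is None else now) // STEP
        for delta in range(-self.window, self.window + 1):
            candidate = counter + delta
            if candidate <= self.last_counter:
                continue              # a code for this step was already used: no replay
            if hmac.compare_digest(hotp(self.secret, candidate), code):
                self.last_counter = candidate
                return True
        return False


if __name__ == "__main__":
    # Enrolment: the secret is shown to the user once as a QR code, then kept server-side.
    secret_b32 = new_base32_secret()
    print(provisioning_uri(secret_b32, "editor@example.com", "pTools CMS"))
    verifier = TotpVerifier(secret_b32)
    current = totp(verifier.secret, time.time())     # what the app would display right now
    print("code now:", current, "accepted:", verifier.verify(current))
    print("same code again:", verifier.verify(current))  # rejected as a replay
```

The window of one step either side tolerates small clock drift between the phone and the server; widening it makes a guessed code more likely to match, so pair the verifier with rate limiting on the login endpoint. The replay guard means a code is accepted at most once, which is what RFC 6238 recommends, and `hmac.compare_digest` keeps the comparison constant-time.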
An MFA solution is a relatively inexpensive method of user security that can be implemented to lower the risk of a successful cyber-attack on users. The increase in ransomware attacks shows us that attackers are not going anywhere; we therefore need to stay ahead and show resilience. pTools is offering a solution which can be implemented on your CMS.