The U.S. Department of Agriculture (USDA) and other government agencies recently notified food and agriculture sector contacts about the effectiveness of Multi-Factor Authentication (MFA) in preventing cybersecurity attacks.
Anne Neuberger, who serves as deputy national security advisor for cyber and emerging technology in the Biden administration, said MFA implementation can stop between 80 and 90 percent of attacks. However, Alex Weinert, director of identity security at Microsoft, said there is only an 11 percent adoption rate of MFA among cloud users. Microsoft estimates that 1.2 million enterprise accounts are compromised each month, and in 99 percent of cases no MFA was enabled, USDA reported.
USDA’s notice highlighted a method called MFA prompt bombing, in which cybercriminals try to get around MFA protections by overwhelming the victim with prompts via email, text message, or phone call.
For example, cybercriminals may attempt to log into an account using the victim’s credentials. They will then request a phone call for MFA verification. Cybercriminals often request these verifications late at night when people are asleep and unprepared. By accepting the phone call and pressing the button to verify identity, the victim may grant the cybercriminals access to the account.
The notice outlined the following tips to stay safe from MFA prompt bombing scams:
• Never approve an MFA notification you did not request. If you have a shared account, verify the MFA request with the other account holder before taking action.
• If you receive an MFA notification you did not request, immediately change your password for the associated account. You should also consider updating your passwords for any accounts that use the same credentials.
• Create unique, strong passwords for each of your accounts. Without your password, it is difficult for cybercriminals to reach the MFA step of the login process.
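For teams that can review their sign-in logs, the prompt bombing pattern described above can be flagged automatically. The following is an added example, not part of the USDA notice: the log format, the outcome names (`denied`, `timeout`, `approved`), the 10-minute window and the threshold of four prompts are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not from a real system): time, account, MFA outcome.
SAMPLE_LOG = """\
2024-03-02T02:14:05 alice denied
2024-03-02T02:14:40 alice timeout
2024-03-02T02:15:10 alice denied
2024-03-02T02:16:02 alice denied
2024-03-02T02:16:30 alice timeout
2024-03-02T02:17:12 alice approved
2024-03-02T09:01:10 bob denied
2024-03-02T09:01:45 bob approved
"""

def parse(log):
    """Turn 'timestamp account outcome' lines into time-ordered tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), user, outcome))
    return sorted(events)

def find_prompt_bombing(events, window=timedelta(minutes=10), threshold=4):
    """Flag accounts that receive `threshold` or more unapproved MFA prompts
    inside `window`, and flag any approval that directly follows such a burst."""
    recent = defaultdict(list)  # account -> times of recent unapproved prompts
    alerts = []
    for ts, user, outcome in events:
        # Keep only the prompts that still fall inside the sliding window.
        recent[user] = [t for t in recent[user] if ts - t <= window]
        if outcome == "approved":
            if len(recent[user]) >= threshold:
                # The victim gave in after a flood: treat as likely compromise.
                alerts.append((user, ts, "approved_after_burst"))
            recent[user].clear()
        else:
            recent[user].append(ts)
            if len(recent[user]) == threshold:  # alert once per burst
                alerts.append((user, ts, "prompt_burst"))
    return alerts

if __name__ == "__main__":
    for user, ts, kind in find_prompt_bombing(parse(SAMPLE_LOG)):
        print(f"{ts.isoformat()} {user}: {kind}")
```

A `prompt_burst` alert is a cue to reset the account's password, as the tips above advise; an `approved_after_burst` alert means the session that followed should be revoked and reviewed.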
The agency also highlighted comments from leaders at the Cybersecurity and Infrastructure Security Agency (CISA) confirming that ransomware hackers are targeting smaller organizations and businesses as well as larger entities like Colonial Oil Pipeline and JBS Foods in 2021. CISA Executive Director Brandon Wales discussed how ransomware actors target companies of all sizes.
“We have certainly seen a willingness for these ransomware operators to target critical infrastructure of various sizes,” Wales said. “And they're looking…to target companies where they believe they'll pay because they can disrupt their services, have an effect in operations, and that the companies will pay quickly in order to get their operations back up and running.”