Sometimes it turns out that the answers we’ve been looking for so hard have been sitting in front of us for so long that we somehow didn’t notice them.
When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity alert and prescribes specific actions, it would be a good idea to at least read the joint advisory. In their AA24-242A advisory, DHS/CISA and the FBI told defenders everywhere that to stop ransomware attacks, organizations need to implement phishing-resistant MFA and move away from SMS-based OTP MFA.
Best advice I never followed
This year we’ve experienced a staggering spike in ransomware payouts, with the average payout increasing by 500%. According to cyber security leader Sophos’ State of Ransomware 2024 report, the average ransom amount has grown 5x to $2 million from $400,000 last year. Even more alarming, RISK & INSURANCE, a leading publication in the cybersecurity insurance industry, reported that the average ransom amount will rise to $20 million in 2023, up significantly from $1.4 million in 2022, while actual payments rose to $6.5 million from $335,000 previously. Clearly, the need to stop ransomware attacks and data leaks is at an all-time high.
This alarming trend highlights the growing sophistication of cyberattacks and the inherent weaknesses of outdated security methods. A major vulnerability in all organizations is the widespread reliance on antiquated multi-factor authentication that is ineffective against today’s threats. According to CISA, 90% of successful ransomware attacks start with phishing. Once the credentials are stolen, the outdated MFA is defeated and the rest is history. Hence the mandate to switch to phishing-resistant MFA.
We will all die
The rapid growth of ransomware and data breaches has created a difficult challenge for organizations struggling to keep up with the constant waves of new attacks. This surge is due to major advances in cybercriminal techniques. As anticipated years ago, Generative AI has played a key role in transforming cyber attacks, forcing many organizations to rethink their approaches to security, but most have not adapted quickly enough.
The rise of Generative AI has enabled cybercriminals to create highly convincing phishing emails, making them virtually impossible for even the most trained users to detect. Generative AI has greatly improved phishing attack techniques, making them more difficult for cybersecurity teams to defend against. Phishing remains the most common way attackers gain access to networks, accounting for 9 out of 10 ransomware incidents.
Cybercriminals are constantly refining their strategies to maximize disruption and extract larger payouts from vulnerable organizations. The world was shocked by Change Healthcare’s loss of two billion dollars. Attackers understand the financial implications of their attacks, and they use this to demand huge sums, knowing that many victims will comply to avoid even greater operational losses.
Generative AI has revolutionized phishing by allowing cybercriminals to create realistic, personalized emails free of spelling and grammar errors. Additionally, these attacks often mimic trusted sources, making them extremely difficult to detect. By analyzing available data and imitating different writing styles, AI-generated phishing attacks have become more targeted and effective, reducing the value of traditional employee training to detect phishing attacks.
Bringing a knife to a nuclear war
MFA has been a cornerstone of security for over two decades, but legacy methods such as one-time passwords (OTPs) via SMS are no longer up to the task. Cybercriminals easily bypass legacy MFA solutions through phishing, SIM swapping, Man-in-the-Middle (MitM) attacks, and more. Legacy MFA has been breached in the majority of ransomware cases, highlighting its inadequacy in today’s cybersecurity environment.
While attacks have evolved, one thing remains constant: user limitations. People continue to be a preferred target for cybercriminals. No amount of training will equip the average user with the ability to detect every sophisticated phishing or deepfake attempt.
This is facilitated by the growth of deepfake technology. AI-generated voices and videos are now being used to impersonate executives and trustees. Attackers use fake phone numbers and fake Zoom calls from trusted colleagues to trick employees into transferring funds or sharing credentials. These attacks take advantage of employees’ trust in familiar voices and faces, making them particularly dangerous.
The tools to carry out these attacks, once considered sophisticated, are now widely available on the dark web and require no technical expertise. What once required skilled hackers is now available to just about anyone thanks to ransomware as a service (RaaS) and AI-driven tools. This shift allows even people with minimal skills to launch sophisticated cyberattacks, making the threat landscape more dangerous than ever.
The urgency of phishing-resistant MFA: the next generation of MFA
Adopting phishing-resistant MFA is no longer just a recommendation; it is essential. Legacy MFA solutions are ineffective against today’s sophisticated attacks. To combat the rising tide of ransomware and data loss, organizations must adopt next-generation MFA solutions that are phishing-resistant. These advanced FIDO2-compliant solutions include biometric authentication, such as facial and fingerprint recognition, which makes it much more difficult for attackers to break in. Hardware-based MFA, biometrics, and FIDO-compliant technologies can significantly reduce the likelihood of successful phishing attacks and potentially save billions in losses each year.
Biometric authentication has become a necessity. Biometrics are unique to each user, making them very secure and very difficult to steal or duplicate. Biometrics such as fingerprints and facial features eliminate the risks associated with passwords and provide protection against phishing and other social engineering attacks. In addition, biometrics provide a seamless and convenient experience, reducing the chance of human error or support requests while improving security.
Conclusion
Revolutionary advances in cyberattack technology, driven by Generative AI and the widespread availability of ransomware as a service, have exposed critical vulnerabilities in legacy MFA systems. Phishing-resistant MFA is no longer a luxury, but a necessity in the fight against ransomware and data breaches. Traditional cybersecurity approaches such as SMS-based OTP have proven inadequate against next-generation attacks.
To stay ahead of these new threats, organizations must prioritize implementing phishing-resistant, next-generation MFA solutions that are FIDO2 compliant and use biometric authentication. These solutions not only provide stronger protection, but also provide a more user-friendly experience, reducing human error and the risk of phishing. As cybercriminals continue to improve their methods, switching to phishing-resistant MFA is critical to protecting organizations from increasingly devastating ransomware attacks and data breaches.
Learn how the next generation MFA Phishing Resistant Token can protect your organization from advanced ransomware and data breaches on tokenring.com