With ransomware attacks in the news again, many companies wonder how to reduce their own cyber risk. No matter how big or small, a company can lessen its attack surface and better protect all access points to the business with a layered cyber defense strategy that emphasizes strong authentication. Multifactor authentication is crucial to lowering the risk of a successful ransomware attack, especially when paired with well-managed password security.
In a ransomware attack, a victim downloads malware that encrypts the data on their computer. The malware then holds the data hostage until the victim pays the attacker a lump sum of money. This method of data extortion skyrocketed in popularity since the COVID-19 pandemic, with an estimated 150% increase in the number of ransomware attacks and more than a twofold increase in the average ransom demand in 2020.
Recent attacks against companies like SolarWinds and Colonial Pipeline show the devastating impact of ransomware - from financial loss to PR nightmares. SolarWinds says cleaning up the hack's damage cost upwards of $18 million. In comparison, the Colonial Pipeline attack set off region-wide panic about gas shortages even as the company paid a $5 million ransom to get its data back.
In response to these and other attacks, the Biden administration recently issued an executive order on cybersecurity. Included is a mandate for the use of multifactor authentication when accessing government networks.
Why focus on multifactor authentication?
Multifactor authentication (MFA) requires additional information beyond a username and password to grant access. Supplying two or more "factors" — like a fingerprint and use of a trusted device — a user can more rigorously prove that they are the person they claim to be. Today's best MFA solutions also use contextual data to more accurately detect unusual activity and to "adapt" login requirements for riskier or more suspicious logins.
MFA can therefore play a key role in stopping or at least slowing a ransomware attack. An attack often begins with gaining access to the company's network or key accounts (like corporate email). Once they have a foothold, attackers can either deploy ransomware directly on a machine or more easily trick employees into clicking malicious links to download the software.
By requiring MFA to access the network or log in to corporate accounts, it becomes much more challenging for attackers to gain access. The login attempts will alert employees and IT admins when requests for MFA authorization start appearing. Plus, the attackers will need to expend significantly more effort and time when they don't have the required MFA information. In the end, it's simpler for them to move on to easier targets.
Thankfully, the widespread availability of two-factor authentication by consumer services has also increased employee comfort levels with MFA solutions in the workplace. Tapping an "approve" message, swiping a fingerprint, or even typing out a 6-digit generated code — all on a smartphone that employees always have with them — are commonplace security requirements now. Using technology and behaviors that employees are already familiar with, solutions like MFA build strong security layers into their everyday workflow. With an unobtrusive authentication experience, where more robust security is relegated to the background, IT can feel more confident in employee compliance and an overall reduction in the risk of a ransomware attack.
MFA is just one part of an effective cybersecurity strategy, albeit a crucial one. Protecting every access point in the business also requires pairing MFA with a password management solution. Enforcing strong password policies, ensuring every password is randomized, and gaining visibility into employee access helps IT be more strategic and impactful in their security efforts.
Types of attacks will undoubtedly continue to evolve. Still, companies must invest now in a solid foundation of managing employee access and securing everyday authentication. Those that do will better weather whatever the future holds.