How MFA can block 99.9% of compromised account attacks
Authored by QBE Cyber Portfolio Manager Erica Kofie
Many of us look set to continue working from home for the foreseeable future. With remote working set to become the “new normal” for many, it's important to make sure our systems are safe and secure.
Hackers are capitalising on a new vulnerability: unsecure remote access. When offices closed in response to the Covid-19 pandemic, few of us realised we would be working from home for months, or for some of us, forever. Businesses had to act quickly to ensure all employees could access systems remotely. In hindsight, however, many are being forced to question whether they implemented a secure enough protocol.
There are two main ways businesses have set up remote access:
Remote Desktop Protocol (RDP)
This allows employees to access the desktop of their work computers from home, giving remote users complete control of those computers. The connection is visible on port 3389 to anyone looking at the external perimeter of the network over the internet. Hence, it is easy for hackers to locate and attack these points of entry. Hackers normally do this using scanning malware that looks for these open ports.
Virtual Private Network (VPN)
This is a secure connection between the user and the internet. All data traffic is routed through an encrypted virtual tunnel and IP addresses are disguised, making user locations invisible to everyone. This makes it secure against external attacks. However, VPNs are like any other software, so they must be patched to ensure they are not subject to vulnerabilities.
Multi-Factor Authentication
VPNs are undoubtedly the more secure way to set up remote access. However, it is still important to secure your VPNs with Multi-Factor Authentication (MFA).
If someone gets hold of your username and password, it is easy for them to get into your account. Sometimes a brute force attack may be used, where a computer programme attempts to guess your password by trying millions of options.
When hackers compromise your network, they can gain visibility of your VPN. MFA is an additional layer of security for logging in.
Methods of MFA that are secure include:
- Chip and PIN
- Authenticator apps
- Fingerprint scans
- Device certificates
According to Microsoft, MFA can block 99.9% of compromised account attacks. Therefore, we recommend all businesses have this risk control in place immediately.
For more on cyber security and other risk management tips, visit www.QBEeurope.com/resilience