Changes to the cybersecurity threat landscape are constant and dynamic: threat actor groups come and go, alter tactics, techniques and procedures (TTPs) and adjust to new defensive mechanisms. Over time, both cyber criminal gangs and nation-state actors endure arrests and swap individuals in what can appear to be an ongoing arms race between good and evil.
Occasionally, new technologies have the power to shift the threat landscape in a dramatic fashion. When these shifts occur in favor of the defender, they provide confidence that progress is on the side of the defenders. X-Force data shows the early signs of one of these dramatic shifts right now, as more organizations implement multifactor authentication (MFA). A shift in how attackers gain an initial foothold in organizations may prove that MFA is forcing more threat actors to abandon using stolen credentials to gain unauthorized access into systems.
X-Force incident response data from 2020 reveals a significant decrease in business email compromise (BEC) attacks and attackers’ use of credential theft or brute force as an initial infection vector. For attackers that rely on stolen credentials, MFA is now creating effective barriers to success, and X-Force has observed cases in which threat actors immediately abandoned operations after encountering an MFA prompt.
Is MFA the end-all? Obviously, attacker skill and motivations play a major role in how they approach intrusion and account takeover — including methods for circumventing MFA — but for the attackers who cannot tackle MFA, we could be looking at the beginning of a new era.
Business Email Compromise Attacks Are Down
One of the symptoms X-Force correlated with an increase in clients’ implementation of MFA is a 38% drop in BEC a ..
Support the originator by clicking the read the rest link below.
