Earlier this year, news of multi-factor authentication attacks surfaced. started to emerge. MFA is supposed to be a method of limiting attacks. If someone gets hold of the password, asking the MFA will usually prevent them from getting further data, but this year’s attacks have shown that even the MFA can be vulnerable under certain circumstances.
The company today announced a new tool designed to help these customers defend against the MFA bombing we’re seeing.
Roman Arutyunov, co-founder and vice president of products at Xage, says MFA is very effective in most cases, but these attackers managed to find a vulnerability.
“The method of this particular attack is that it creates multiple MFA requests on the secondary device, mostly in the middle of the night, so that the operator will be so frustrated that he will simply press the approved button and therefore grant access for the attacker to that particular environment or application. “, he explained.
Once inside, Arutyunov says, hackers typically launch malware and try to get deeper into company systems and find some valuable assets to steal. In the case of an electronic grid, a water supply, or an oil and gas pipeline, it could be access to the systems that manage these critical assets to wreak havoc.
He said that when you use a single MFA layer, it can leave a company vulnerable to these types of attacks. To combat this, Xage created a multi-level multi-factor authentication tool. This creates a series of gates so that if an attacker breaks into the first layer, they can’t get to the organization’s more critical technologies.
The product interacts with the rest of the Xage framework to help prevent attacks. As CEO Duncan Greatwood told me at the beginning of this yearThe fabric is designed to provide broader protection for these systems:
“The Factory is a grid of software nodes that overlays operations, providing granular control over every digital interaction. It provides zero-trust protection that spans operations, IT, and the cloud, enabling both cybersecurity and digital transformation,” he said.
Combined with this fabric, a hacker who is trying to find a vulnerability as quickly as possible will be presented with yet another MFA request to advance to the next level of technology. Putting up these additional barriers reduces the likelihood of success, Arutyunov says.
“Now the strength of this is that now the probability of a successful compromise is reduced by orders of magnitude. So with this layered approach, these MFA bombings are next to impossible,” he said.
The new feature is available to users of the broader Xage framework starting today. The company claims to be the first to use this technique to prevent such attacks.
Credit: techcrunch.com /