A ransomware assault was prevented simply because the supposed sufferer was utilizing multi-factor authentication (MFA) and the attackers determined it wasn’t definitely worth the effort to aim to bypass it.
It is typically mentioned that utilizing MFA, often known as two-factor authentication (2FA), is without doubt one of the finest issues you are able to do to assist defend your accounts and pc networks from cyberattacks as a result of it creates an efficient barrier – and now Europol has seen this in motion whereas investigating ransomware gangs.
“We have performed investigations the place ransomware criminals had been monitored. In sure investigations, we noticed them making an attempt to entry firms – however as quickly as they might hit two-factor authentication on this course of, they might instantly drop this sufferer and go to the following,” mentioned Marijn Schuurbiers, head of operations at Europol’s European Cybercrime Centre (EC3), talking about an undisclosed incident the company investigated.
SEE: Ransomware: Why it is nonetheless an enormous risk, and the place the gangs are going subsequent
It demonstrates how helpful MFA will be in stopping ransomware and different cyberattacks. Even when the attacker has the professional password for the account – both as a result of it has been guessed or it has been stolen – utilizing MFA normally prevents them from with the ability to log in.
An sudden alert from an MFA authenticator app may also notify the supposed sufferer that one thing is fallacious and ought to be investigated, which may additionally assist to stop additional assaults and incidents.
Not solely can cyber criminals exploit hacked accounts to achieve preliminary entry to the community and set up ransomware, the entry they achieve may also be used as a part of double-extortion assaults, the place criminals steal info earlier than encrypting it, with threats to publish the information if a ransom is not obtained.
Nevertheless, if attackers cannot entry that knowledge attributable to using MFA, they cannot try to take advantage of it for extortion.
“That is actually essential info that firms can use for his or her counter methods. Know that in case you implement two-factor authentication to your programs usually – or perhaps particularly, your crown jewels – you’ll considerably cut back your probabilities of falling sufferer to a ransomware group, which makes use of double extortion,” mentioned Schuurbiers, who was talking at the sixth anniversary of No Extra Ransom.
No Extra Ransom is an initiative by Europol, further regulation enforcement businesses, cybersecurity firms, academia and others that gives victims of ransomware assaults with decryption keys totally free. To this point, the scheme has helped 1.5 million individuals get their recordsdata again with out paying ransomware gangs.
Implementing 2FA is one in every of a number of suggestions Europol recommends to assist forestall ransomware assaults. Others embody often backing up knowledge on units, so it may be recovered with out paying a ransom within the occasion of an assault encrypting recordsdata, in addition to making certain that safety software program and working programs are updated with the newest safety patches.
