Mimecast: MFA is Key to Stopping Future Colonial Pipeline-Type Attacks

The Colonial Pipeline cyberattack was one of the most important and dramatic ransomware attacks so far, as it blocked operations at the largest gasoline line in the U.S. This single cyberattack impacted lives across the U.S. as fuel prices rose in response around the country, leading to shortages, hoarding and price gauging problems while Colonial Pipeline scrambled to resolve the problem.
With this dramatic ransomware attack illustrating how gaps in cybersecurity can lead to not just economic damage but infrastructural problems in our increasingly connected and digital world, how can future attacks of this kind be stopped? The answer may be easier than it first appears, and that’s Multi-Factor Authentication.
Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is a verification method that requires two or more authentication measures to gain access to restricted resources. This added security level ensures that the person trying to access private material is indeed the correct identity.
Instead of requiring just a username and password which can easily be stolen by cybercriminals, MFA enhances an organization’s cybersecurity by adding additional verification measures to gather information, such as fingerprints or security codes to match identities.
Using MFA greatly decreases the likelihood of cyberattacks and has been proven to be one of the most effective ways of securing private networks. 
How an MFA Lapse Led to the Colonial Pipeline Attack
The cyberattack on Colonial Pipeline Co was ultimately due to a compromised password, inactive VPN, and a complete lack of multi-factor authentication processes in place.
Cybercriminals try to invade an organization’s networks and systems in order to halt production, cause internal organizational damage, or hold them for ransom. In this case an organization successfully attacked and ransomed Colonial Pipeline Co for millions of dollars. Implementing MFA in this organization’s security systems could have prevented the bad actors from gaining access and delaying the production of the pipeline.
Although simple, using Multi-Factor Authentication is a powerful guard against those trying to penetrate private networks.
Integrating MFA Into Enterprise-Level Cybersecurity
There are multiple ways of implementing multi-factor authentication into enterprise-level cybersecurity systems.
A time-based one-time password (TOTP) creates a one-use password generated from a computer algorithm using the current timestamp as a source of uniqueness. A short message service (SMS), on the other hand, allows the user to log in with a username and password and a verification code will be sent to their phone number to complete the authentication process.
Email can work similarly to SMS where a verification code will be sent to the corresponding email. However, when using email verification, it is important to use encrypted email to further protect vital systems. Without strong email encryption, it’s possible for bad actors to intercept and see the contents of the email, which defeats the purpose of the authentication.
Multi-Factor Authentication is a strong form of security against cybercriminals. It’s important to integrate MFA into modern cybersecurity practices for both enterprises and public institutions in order to ultimately protect against future Colonial Pipeline-type attacks. 
***
Contact: carolina.darbellesv@iquanti.com
Source: Mimecast