There is a cyber threat that all staff need to be aware of called Multi-Factor Authentication Bombing.
What is Multi-Factor Authentication (MFA)?
Multi-factor authentication is an additional layer of security that is used to validate your identity on the CGD network. In addition to your login name and password, an additional prompt on a mobile device will be used to verify your identity at the login stage (see image below).
Multi-Factor Authentication (MFA) is an indispensable part of our cyber security framework at CGD.
How is Multi-Factor Authentication (MFA) being exploited by hackers?
It is being exploited using a technique called MFA Bombing.
What is MFA Bombing?
MFA Bombing is when a hacker sends a user multiple requests to approve authentication on their secondary device (i.e. mobile phone).
How does MFA Bombing work in practice?
A user has been phished by clicking on a malicious link in a real phishing email. Their login name and password have been obtained by the hacker, and all that is needed for the breach to be successful is for the user to press the APPROVE button when prompted to do so on their secondary device.
Once approval has been given, the hacker is able to penetrate the network. The hacker will then register another device that will be used to authenticate to the network and sign on with the stolen credentials.
How can I avoid falling victim to MFA Bombing?
Do not approve MFA requests unless you are certain that they have been generated by you. These requests are legitimately generated only after you enter your login name and password and attempt to log in to the network. In addition, you will also likely be prompted to approve MFA requests when you are working from home, connected to the network over VPN, and you resume a suspended session after your computer has gone into ‘sleep’ mode. Any MFA requests that are persistent or occur when you have not logged in to the network should be treated as suspicious.
If you have any questions or need assistance with MFA requests, please contact the IT Service Desk.
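For IT and security staff: the pattern described above (persistent prompts, an approval, then another device being registered) can also be looked for in authentication logs. The Python below is an added example, not CGD's own tooling; the event names, thresholds and sample log entries are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # assumed look-back window for counting prompts
THRESHOLD = 5                    # assumed: prompts within WINDOW that count as "persistent"
FOLLOW_UP = timedelta(hours=1)   # assumed: how long to watch for a new device after approval

# Constructed sample events (timestamp, user, event). Not real log data.
SAMPLE = [
    ("2024-01-08 09:00:05", "alice", "mfa_push_sent"),
    ("2024-01-08 09:00:12", "alice", "mfa_approved"),
    ("2024-01-08 23:10:00", "bob", "mfa_push_sent"),
    ("2024-01-08 23:10:40", "bob", "mfa_denied"),
    ("2024-01-08 23:11:10", "bob", "mfa_push_sent"),
    ("2024-01-08 23:11:50", "bob", "mfa_push_sent"),
    ("2024-01-08 23:12:30", "bob", "mfa_push_sent"),
    ("2024-01-08 23:13:05", "bob", "mfa_push_sent"),
    ("2024-01-08 23:13:20", "bob", "mfa_approved"),
    ("2024-01-08 23:20:00", "bob", "device_registered"),
]

def detect_mfa_bombing(events):
    """Return (user, finding) tuples in time order."""
    pushes = defaultdict(deque)   # user -> timestamps of prompts inside WINDOW
    suspect_approval = {}         # user -> time of an approval given during a burst
    findings = []
    for ts, user, event in sorted(events):
        now = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        recent = pushes[user]
        while recent and now - recent[0] > WINDOW:   # drop prompts older than WINDOW
            recent.popleft()
        if event == "mfa_push_sent":
            recent.append(now)
            if len(recent) == THRESHOLD:             # burst has just become "persistent"
                findings.append((user, "persistent_prompts"))
        elif event == "mfa_approved" and len(recent) >= THRESHOLD:
            suspect_approval[user] = now             # approval arrived amid a burst
            findings.append((user, "approved_during_burst"))
        elif event == "device_registered" and user in suspect_approval:
            if now - suspect_approval[user] <= FOLLOW_UP:
                findings.append((user, "new_device_after_burst"))
    return findings

if __name__ == "__main__":
    for user, finding in detect_mfa_bombing(SAMPLE):
        print(user, finding)
```

A single prompt followed by an approval, as in the first two sample events, produces no finding; only the burst of prompts and what follows it is flagged.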