How to stonewall the hackers trying to to get around your MFA

Multi-factor authentication (MFA), a security system that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity has been held up by many experts as one of the best way to protect against brute force attacks and spear phishing lures on credentials.

And yet, if anything is true when it comes to technology, it’s that nothing (not even MFA) is unhackable.

While a Microsoft report from August 2019 suggests MFA blocks 99.9 per cent of automated cyberattacks, those assertions begin to fade in the face of recent news that hacking groups in China are bypassing two-factor authentication in web server attacks, and specialized tools like evilginx, are making phishing feasible, even when the target uses two-factor authentication.

Where does that leave companies in 2020? Exposed, especially if they’re taking the attitude that with MFA they’re safe as Fort Knox. According to KnowBe4 Data-Driven Defense Evangelist Roger Grimes and Chief Hacking Officer Kevin Mitnick, there are not merely one or two but at least a dozen ways to get around MFA.

Would you like to know what those ways are? On Thursday, March 26th, Grimes will bring his more than 30 years of security experience to the table when he meets with ITWC CIO and Chief Digital Officer Jim Love to discuss come together for in the webinar Many Ways to Defeat Multi-Factor Authentication and How To Stop the Bad Guys.

In this hour-long session, Love and Grimes will look at 12 ways bad actors have been able to hack MFA solutions. The live webinar will also examine the role your workers play in a blended-defence strategy.

As a special bonus, the session will also include a (pre-filmed) hacking demo with Kevin Mitnick, who was once the FBI’s most wanted hacker. He now helps companies defend themselves. Mitnick’s demo includes real-life successful examples of every attack type.

You will come away from this webinar with a deeper understanding of the advances hackers are making, and a better sense of how to defend your MFA solution.

Register now for this webinar

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Glenn Weir
Glenn Weir
Content writer at IT World Canada. Book lover. Futurist. Sports nut. Once and future author. Would-be intellect. Irish-born, Canadian-raised.

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Featured Reads