Can hackers bypass Multi-factor authentication methods?


Multi-factor authentication (MFA) is an authentication method that requires more than one piece of evidence to verify a user’s identity. Commonly, this includes something the user knows (like a password), something the user has (like a security token), or something the user is (like a fingerprint).

Despite the added security that MFA provides, hackers can still bypass it if they are able to obtain one of the pieces of evidence required for authentication. For example, if a hacker is able to steal a user’s password, they can use that to log in even if MFA is enabled. Or, if a hacker is able to get their hands on a user’s security token, they can use that to bypass MFA as well.

There are a few ways that hackers can obtain the information they need to bypass MFA. They may use phishing attacks to trick users into providing them with login credentials or install malware on a user’s device that records their keystrokes. In some cases, hackers may even be able to exploit vulnerabilities in the MFA system itself.

One recent example is the case of the Twitter hack that targeted high-profile users such as Barack Obama, Joe Biden, and Elon Musk. The hackers were able to take over these accounts by bypassing Twitter’s two-factor authentication (2FA).

How did they do it? It’s believed that they used a technique called “SIM swapping.” This involves taking over a victim’s phone number and using it to reset the password on their Twitter account. Once they had control of the account, they were able to post tweets that promoted a cryptocurrency scam. Many people fell for the scam and lost money as a result.

This just goes to show that no security measure is foolproof.
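As an added example (not from the original article), here is a defender-side check for the pattern described above: a password reset confirmed over SMS, followed shortly by a login from a device the account has never used. The event field names, the 30-minute window, and the sample log are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample account events (not real logs); field names are assumptions.
EVENTS = [
    {"ts": "2024-05-01T09:00:00", "user": "alice", "type": "login", "device": "d-alice-1"},
    {"ts": "2024-05-01T09:05:00", "user": "bob", "type": "login", "device": "d-bob-1"},
    {"ts": "2024-05-02T14:00:00", "user": "bob", "type": "password_reset", "channel": "sms"},
    {"ts": "2024-05-02T14:03:00", "user": "bob", "type": "login", "device": "d-unknown-7"},
    {"ts": "2024-05-03T08:00:00", "user": "alice", "type": "password_reset", "channel": "sms"},
    {"ts": "2024-05-03T08:02:00", "user": "alice", "type": "login", "device": "d-alice-1"},
    {"ts": "2024-05-04T10:00:00", "user": "carol", "type": "password_reset", "channel": "email"},
    {"ts": "2024-05-04T10:01:00", "user": "carol", "type": "login", "device": "d-carol-9"},
]

WINDOW = timedelta(minutes=30)  # assumed review window after an SMS reset


def flag_sms_reset_takeovers(events, window=WINDOW):
    """Flag SMS-verified password resets that are followed, within `window`,
    by a login from a device not previously seen on that account."""
    known = {}    # user -> set of device ids seen on earlier logins
    pending = {}  # user -> time of the most recent SMS-verified reset
    alerts = []
    # ISO-8601 timestamps in one format sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        user = ev["user"]
        if ev["type"] == "password_reset" and ev.get("channel") == "sms":
            pending[user] = ts
        elif ev["type"] == "login":
            seen = known.setdefault(user, set())
            reset_ts = pending.pop(user, None)
            recent = reset_ts is not None and ts - reset_ts <= window
            if recent and ev["device"] not in seen:
                # Do not add the device to the trusted set until it is reviewed.
                alerts.append({"user": user, "device": ev["device"],
                               "reset_at": reset_ts.isoformat(),
                               "login_at": ts.isoformat()})
            else:
                seen.add(ev["device"])
    return alerts


if __name__ == "__main__":
    for alert in flag_sms_reset_takeovers(EVENTS):
        print(alert)
```

An account with no login history will always look like a new device here, so in practice such alerts are usually routed to step-up verification rather than an automatic lockout.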

While MFA provides an extra layer of security, it is not foolproof. Hackers can still bypass it if they are able to obtain one of the pieces of evidence required for authentication. Companies should be aware of the risks and take steps to protect themselves and their employees.

Purple Shield Security can provide services such as Phishing Attack Simulation, Extended Detection and Response, Security Operation Services, and Vulnerability Scanning Services, which can help with identifying and preventing these types of security risks and issues. If you’re a business that is using MFA as your sole security measure, you could be at risk. Contact us for more information.