Don’t gamble with your identity verification practices

Both events showed a consistent pattern of using an employee’s identity and using social engineering to fool the IT helpdesk into providing access. According to a Reuters report, these ransomware bandits also breached the systems of several other companies operating in manufacturing, retail, and technology.

Understanding black hat attacks

Ransomware heists have become increasingly common in recent years as they have become more profitable for hackers.

The formula is well-known: black hat hackers encrypt a company’s data and demand a ransom payment for the decryption key. If the company does not pay the ransom, the hackers threaten to release the data to the public or sell it to other criminals. These cyber thieves target companies of all sizes but are often keen on enterprise organizations with valuable data.

This vulnerability is not unique to MGM nor Okta; it’s a systemic problem with multi-factor authentication. MFA, which was designed to authenticate devices, falls short in secure enrollment and recovery processes which is critical where identifying the human user is critical. This is an acknowledged limitation stemming from its original design as it wasn’t developed to address this specific challenge.

It’s worth re-mentioning that a 2022 study by security company Tessian and Stanford University professor Jeff Hancock found that employee mistakes and human errors were the cause of 88% of data breach events. IBM Security pegged that same number higher, to 95%.

In addition to the financial cost of the ransom payment, businesses can also lose revenue and productivity due to downtime and the need to recover from the attack. Ransomware heists can also damage a company’s reputation and erode customer trust.