As Microsoft Reports 10,000 MFA Breaches, Security Solution Providers Step Up

As Microsoft Reports 10,000 MFA Breaches, Security Solution Providers Step Up

One of the most common cybersecurity enhancements organizations continue to invest in is the adoption of multi-factor authentication (MFA). This is a security method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN, and is a core component of a strong identity and access management (IAM) policy.

Unfortunately, as of late, cyber attackers have found ways to circumvent MFA security.

Recently, Microsoft reported a massive series of phishing attacks has targeted more than 10,000 organizations starting with September 2021, using the gained access to victims' mailboxes in follow-on business email compromise (BEC) attacks. Microsoft stated that the attackers used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user's sign-in session, and skipped the authentication process even if the user had enabled multi factor authentication (MFA)

In this attack, hackers deploy a proxy server between a target user and the website the user wishes to visit (that is, the site the attacker wishes to impersonate). Microsoft found that such a setup allows the attacker to steal and intercept the target’s password and the session cookie that proves their ongoing and authenticated session with the website, allowing them to bypass MFA.

“Along with new practices by cyber attackers, MFA also still allows for simple mistakes on the user’s end to be the breach point for hackers,” said Ryan Walsh, Chief Operating Officer at Pax8, a global cloud marketplace that simplifies the way organizations buy, sell, and manage cloud solutions, including security as a service.  “Some workers are overcome with what’s known as MFA fatigue, which refers to the overload of notifications or prompts via MFA applications, in multiple accounts, that the user receives during the day to perform logins or approve different actions. This leads employees to start setting security best practices aside and become careless, putting their organization and their accounts in danger of compromise, so it’s very important to reduce friction using more automation and intuitive tools.”

As Walsh noted, between new attack methods, and MFA fatigue, small and medium enterprises have begun looking for new and improved cybersecurity solutions and applications to bolster their defenses. “For most of these companies, the answer to their protection problem lies not in one simple solution, but from a managed service provider (MSP), whose services can help enhance cybersecurity,” Walsh explained. “This rings especially true for small and mid-size businesses, where their employees spend most of their time using web browsers and accessing applications while performing their everyday tasks.”

However, before they can bolster defenses for clients and customers, MSPs must first undergo their own cybersecurity transformation, to keep up with the innovation of hacker’s attacks. A TechValidate survey found that 87 percent of surveyed MSPs have lost customers due to insufficient cybersecurity services provided.

“With the volume, velocity and intensity of today’s attacks, from phishing, malware, ransomware, zero-day attacks, and web-borne threats, it is critical for MSPs to begin adopting and leveraging all the tools available at their disposal to combat cyberattacks,” Walsh said. “One of the most notable tools MSPs are starting to use in the fight against hackers are Secure Access Service Edge (SASE) solutions, and web and mobile browser isolation and protection solutions that can be delivered as a service, in the cloud, and can protect all the way down to the device and end-user level.”

Pax8 announced this week that they struck a global agreement with Nord Security, one of the leaders in the cybersecurity market. Pax8 will offer its partners two key products in the Nord Security portfolio, including NordLayer and NordPass. This agreement is Nord Security’s first entry into the IT channel market through distribution.

“Security is a huge focus for Pax8, and we are committed to partnering with the leading security vendors to enable MSPs to create the most comprehensive technology stack for their clients,” Walsh said. “Nord Security provides one of the most advanced security solutions in the industry and has been recognized by some of the most influential IT security specialists and tech sites.”

SASE, along with its combined package of technologies such as SD-WAN, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), and Firewall as a Service (FWaaS), helps greatly improve an enterprises cybersecurity. Between the variety of technologies, SASE can identify sensitive data and malware, decrypt content at line speed, continuously monitor sessions, and assess risk and trust levels.

The technology, while still relatively new, is growing at a swift pace. The global secure access service edge market size was valued at $665.9 million in 2020,but is expected to grow to $5.36 billion by 2027. The growth comes as no surprise, as MSPs increasingly look to adopt SASE solutions to enhance their cybersecurity repertoire in a digital age lurking with potential hackers

The benefits provided to MSPs who leverage SASE solutions are bountiful, improving multiple parts of their cybersecurity offering to customers. For example, SASE solutions add zero-trust security to an MSPs cybersecurity portfolio. Zero-trust is a security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.

SASE solutions can also allow MSPs to add Domain Name System (DNS) protection to their portfolio. DNS security protects DNS infrastructure from cyberattacks in order to keep it performing quickly and reliably, incorporating a number of overlapping defenses, including establishing redundant DNS servers, applying security protocols like DNSSEC, and requiring rigorous DNS logging.

Like many Internet protocols, the DNS system was not designed with security in mind and contains several design limitations. These limitations, combined with advances in technology, make DNS servers vulnerable to a broad spectrum of attacks, including spoofing, amplification, DoS (Denial of Service), or the interception of private personal information. And since DNS is an integral part of most Internet requests, it can be a prime target for attacks, making DNS protection critical in today’s world.

Walsh also noted another security provider on their marketplace, DefensX, whose technology converts a traditional web browser into a zero-trust secure browser. “Zero-trust threat prevention technology protects users from advanced cybersecurity attacks by isolating threats from reaching endpoint devices, such as desktops, laptops, smartphones, and tablets,” Walsh said, “and is a perfect example of how enterprises can build security stacks that make sense for their business. In a borderless workforce world, having protection down to the device, end-user, and application has never been more important.”

“We are excited to work with Pax8 and offer our innovative solutions to their expansive partner ecosystem,” said Osman Erkan, Founder and CEO at DefensX. “The number and impact of cyber breaches targeting businesses of all sizes are growing exponentially.  Organizations need to re-think the trust relationship built over the years with the Internet, end-users, devices, and locations. Our advanced zero-trust end-point web threat protection technology can easily secure and manage Pax8 partners and their end-users across all devices, ensuring their clients work safely from anywhere, on any device, over any network.”

Overall, cybersecurity is only set to become more crucial than it already is, expected to grow in importance alongside technological innovation. The cost of a successful endpoint attack is already up to $9 million, from $7.1 million last year, so for MSPs who wish to help customers stave off this financial hardship and remain competitive, cybersecurity improvement must be a point of emphasis. SASE solutions can aid MSPs in bolstering their cybersecurity offerings, which in turn benefit everyone involved, from the MSPs to the consumers themselves.


Edited by

Erik Linask