Push-Bombing
Owen Williams
The award winning IT support company you won't have to call - Founder and Director of West View IT based in Mid-Suffolk
You have probably heard or seen us talking about Multi-Factor Authentication (MFA) and how amazing it is as part of your security plan. The use of MFA has skyrocketed with the rise of technology. Think about how much work your company does that requires a username and password.
Hackers use various methods to get these login credentials. The goal is to gain access to business data as a user. You may be thinking – ‘well, doesn’t MFA prevent these data breaches?’. Yes and no... MFA is very effective at protecting cloud accounts and has been for many years. It is that effectiveness that has spurred hackers to find workarounds. One of these is Push-Bombing.
How Does Push-Bombing Work?
When a user enables MFA on an account, they typically receive a code or authorisation prompt of some kind. The user enters their login credentials, then the system sends an authorisation request to the user to complete their login. The MFA code or approval request will usually come through some kind of ‘push’ message. You can normally receive it in a few ways:
- SMS
- Popup
- App notification
Receiving the notification is a normal part of the multi-factor authentication login. It is something the user would be familiar with. With push-bombing, hackers start with the user’s credentials. They may get them through phishing or from a large data breach password dump.
They take advantage of the push notification process. Hackers attempt to log in many times. This sends the legitimate user several push notifications, one after the other. Many people question the receipt of an unexpected code that they didn’t request, but when someone is bombarded with these it can be easy to mistakenly click to approve access.
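The burst of prompts described above is something a defender can look for in MFA logs. The following is an added example, not part of the original article: the log format, the event names (push_sent, denied, approved), the sample lines and the threshold of four prompts in five minutes are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample MFA log: "<ISO timestamp> <user> <event>"
SAMPLE_LOG = """\
2024-05-01T09:00:00 alice push_sent
2024-05-01T09:00:05 alice approved
2024-05-01T23:10:00 bob push_sent
2024-05-01T23:10:20 bob denied
2024-05-01T23:10:40 bob push_sent
2024-05-01T23:11:00 bob push_sent
2024-05-01T23:11:30 bob push_sent
2024-05-01T23:12:00 bob push_sent
2024-05-01T23:12:10 bob approved
2024-05-02T08:00:00 carol push_sent
2024-05-02T08:00:30 carol push_sent
2024-05-02T08:01:00 carol push_sent
2024-05-02T08:01:30 carol push_sent
2024-05-02T08:02:00 carol denied
"""

def detect_push_bombing(log_text, threshold=4, window=timedelta(minutes=5)):
    """Return {user: severity} for users sent >= threshold prompts within window.

    "burst" means many prompts arrived; "burst_then_approved" means one was
    approved while the burst was still in progress (likely account takeover).
    """
    recent = defaultdict(deque)  # user -> timestamps of prompts inside the window
    alerts = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, user, event = line.split()
        ts = datetime.fromisoformat(ts_raw)
        prompts = recent[user]
        # Forget prompts that have aged out of the sliding window.
        while prompts and ts - prompts[0] > window:
            prompts.popleft()
        if event == "push_sent":
            prompts.append(ts)
            if len(prompts) >= threshold:
                alerts.setdefault(user, "burst")
        elif event == "approved" and len(prompts) >= threshold:
            alerts[user] = "burst_then_approved"
    return alerts

if __name__ == "__main__":
    print(detect_push_bombing(SAMPLE_LOG))
```

An account flagged as burst_then_approved is the one to act on first: end its sessions and reset the password, since the prompts only appear once the password is already known.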
Here are some ways you can combat this scam:
Educate Employees
Knowledge is power. When a user experiences a push-bombing attack it can be disruptive and confusing. If employees have education beforehand they will be better prepared to defend themselves. Let employees know what push-bombing is, how it works and what to do if they think that they may be the victim of an attack.
Reduce Business App Sprawl
Did you know that, on average, employees use 36 different cloud-based services per day? The more logins someone has to use, the greater the risk of a stolen password. Take a look at how many apps your business uses and see if there is a way you can consolidate them.
Enforce Strong Password Policies
For hackers to send several push-notifications, they need to have the user’s login. Enforcing strong password policies reduces the chance that a password will get breached. Standard practices include:
- Using at least one upper and one lower case letter
- Using a combination of letters, numbers and symbols
- Not using personal information
- Storing passwords securely
- Not reusing passwords across several accounts
Multi-factor authentication alone isn’t enough. Companies need several layers of protection to reduce their risk of a cloud breach.
If you need any help or advice, get in touch!