Americans Can’t Rely On 2FA To Combat Russian Hackers: CISA

Most Americans have relied on various forms of cyber security. American financial institutions will mandate you to use Two-Factor Authentication (2FA) to protect your valuables. Unfortunately, this may not be able to deter cyber attacks as some attackers have found a way around it.

One such group are Russian-backed hackers who are exploiting vulnerabilities in the alleged security system, undermining authentication and disguising their access as those of the original account owners.

In May 2021, state sponsored attackers exploited accounts linked to an unnamed non-governmental organization (NGO) and were able to access sensitive data. The US Cybersecurity and Infrastructure Security Agency (CISA) suggested that weak password choices and a long-dormant account served as the first detectable weakness that was capitalized on.

CISA further stated that the attackers were able to get inside the old account, activate it, and enroll it in 2FA. Once the system viewed the hacked account as legit, the cyberattackers could run rampant.

The agency deduced that the attacks were facilitated by a major Windows Print Spooler vulnerability, “PrintNightmare.” The said weakness surfaced last summer, and is a pretty serious vulnerability that exposes Windows systems to arbitrary code execution.

Once compromised, an attacker can do basically whatever they want, with full system-level permissions.

Why Americans?

A previous report has it that there has been an increase in cyber attacks since the U.S. and its allies imposed sanctions on the said aggressor. The news outlet noted that Russia appears to have officially declared cyberwar on the US.

With the war in Ukraine raging, we may see more attacks aimed at critical infrastructure and Americans as its government continues to impose strict sanctions on Russia.