Enhance cloud security with more than just multifactor authentication

TLDR:

• UNC5537 cybercriminal group steals data from Ticketmaster and Santander Bank through compromised credentials
• Companies need to go beyond multifactor authentication (MFA) to protect cloud data

Multifactor Authentication Is Not Enough to Protect Cloud Data

A recent spate of data breaches affecting large companies like Ticketmaster and Santander Bank highlights the importance of going beyond multifactor authentication (MFA) to protect cloud data. The breaches, attributed to the UNC5537 cybercriminal group, were a result of compromised credentials and poor controls on MFA. While MFA is a good security measure, companies using cloud services need to take additional steps to secure their data.

According to the analysis by incident-response firm Mandiant, the data leaks were not due to a vulnerability in the system but rather from stolen credentials. This indicates that simply relying on MFA is not sufficient for protecting sensitive cloud data. Companies need to focus on other measures to enhance their security posture.

Here are some key takeaways from the latest cloud breaches:

1. Implement MFA and additional security measures
2. Use access control lists to limit authorized IP addresses
3. Maximize visibility into cloud services for monitoring
4. Avoid relying solely on cloud providers’ defaults for security
5. Check security measures of third-party providers to protect data

In conclusion, companies must prioritize security and adopt a comprehensive approach to protect their cloud data from cyber threats. Simply relying on MFA is not enough, and additional measures need to be implemented to mitigate the risk of data breaches.