Microsoft’s new enforcement of mandatory Multi-Factor Authentication (MFA) across Azure services marks a critical shift in cybersecurity. This initiative is huge news, yet it’s surprising there hasn’t been more discussion on the topic—especially in the insurance industry. With the vast numbers of Microsoft 365 accounts compromised annually, mandatory MFA for Microsoft applications will help close a major gap in network security and could significantly improve loss ratios for insurers.
At DynaRisk, we encounter thousands of hacked MS365 credentials every day. This data is a crucial part of our risk scoring and alerting platform, Breach Check, which helps organisations proactively manage their exposure to data breaches and cyber attacks. While Microsoft’s push for MFA is an important advancement, there are still challenges to address in ensuring strong cybersecurity protection. Here are two key points to keep in mind.
1. The Scope of Compromise in Multi-User Environments
When even a single end-user within a company is compromised, hackers can steal 50 to 100+ credentials from that individual’s device. Once they have these, it is simply a matter of trying each one to find accounts that are not protected by MFA. The ease with which hackers can target unprotected accounts underscores the need for comprehensive security awareness and MFA policies within organisations.
2. MFA Bypass
While MFA greatly improves security, it doesn’t achieve 100% protection. Here are a few common ways attackers bypass MFA protections:
- Session Hijacking with Infostealer Malware: Infostealer malware running on a user’s device can steal the already-authenticated session, which the attacker then reuses without ever being challenged for MFA. This works because the user chose “Trust this device”, so the session is not re-prompted. This common convenience feature can, unfortunately, become a vulnerability.
- Social Engineering Attacks on Help Desks: Attackers often impersonate legitimate users over the phone, manipulating support desks into resetting or disabling MFA tokens. Training and vigilance in support teams can be a crucial defence against such tactics.
- MFA Fatigue Attacks: By repeatedly triggering MFA push prompts, attackers wear down the target’s patience until the user approves one simply to make the prompts stop, granting the attacker access.
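The MFA fatigue pattern above is detectable from sign-in telemetry: a burst of declined or timed-out MFA prompts for one user in a short window, especially if an approval follows. The script below is an added illustration, not DynaRisk or Microsoft code; the event tuples are constructed sample data with an assumed field layout (timestamp, user, source IP, MFA outcome), not the real Entra ID sign-in log schema.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sign-in events (not real logs): (timestamp, user, source IP, MFA outcome).
# 'alice' receives four prompts she declines or ignores in under three minutes, then approves one.
SAMPLE_EVENTS = [
    ("2024-05-01T09:00:05", "alice@example.com", "203.0.113.7", "mfa_denied"),
    ("2024-05-01T09:00:41", "alice@example.com", "203.0.113.7", "mfa_timeout"),
    ("2024-05-01T09:01:20", "alice@example.com", "203.0.113.7", "mfa_denied"),
    ("2024-05-01T09:02:02", "alice@example.com", "203.0.113.7", "mfa_denied"),
    ("2024-05-01T09:02:50", "alice@example.com", "203.0.113.7", "mfa_approved"),
    ("2024-05-01T09:03:10", "bob@example.com", "198.51.100.2", "mfa_approved"),
    ("2024-05-01T10:15:00", "bob@example.com", "198.51.100.2", "mfa_denied"),
]

UNANSWERED = ("mfa_denied", "mfa_timeout")  # prompts the user did not approve


def detect_mfa_fatigue(events, threshold=3, window=timedelta(minutes=5)):
    """Return one alert per user who gets `threshold` or more unanswered MFA
    prompts inside a sliding `window`. An alert is marked approved_after_burst
    when an approval arrives while those prompts are still inside the window,
    which is the outcome a fatigue attack is trying to produce."""
    recent = defaultdict(deque)  # user -> (time, ip) of unanswered prompts in window
    alerts = {}
    for ts, user, ip, outcome in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        q = recent[user]
        while q and t - q[0][0] > window:  # drop prompts that fell out of the window
            q.popleft()
        if outcome in UNANSWERED:
            q.append((t, ip))
            if len(q) >= threshold:
                a = alerts.setdefault(user, {"user": user, "first": q[0][0].isoformat(),
                                             "prompts": 0, "ips": set(),
                                             "approved_after_burst": False})
                a["prompts"] = max(a["prompts"], len(q))
                a["ips"].update(i for _, i in q)
        elif outcome == "mfa_approved" and user in alerts and q:
            alerts[user]["approved_after_burst"] = True
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_EVENTS):
        print(alert)
```

In a real pipeline the outcome strings would be mapped from the sign-in log’s own result codes, and the threshold and window tuned to the organisation’s baseline prompt volume.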
While mandatory MFA for Microsoft applications is a major step forward, these examples highlight the reality of cybercrime: as the industry raises the bar, attackers constantly adapt, and the cybersecurity arms race continues.
How DynaRisk Helps Insurers
As a cyber risk management software provider with a specialised focus on the insurance sector, DynaRisk delivers actionable insights and threat intelligence that help insurers prevent claims. Our platform, Breach Check, offers risk scoring and real-time alerts, including alerts on compromised credential data, empowering companies to take proactive measures against cyber threats.
We also offer a range of other software solutions and services that assist insurers in protecting their policyholders. This leads to fewer claims, which enhances product profitability, performance, and customer engagement.
To learn more about how DynaRisk’s range of cyber risk solutions can help support your insurance product or programme, get in touch.