Attackers Bypass MFA, Target Cloud Services


The Federal Bureau of Investigation (FBI) has warned that cyberattackers are bypassing multi-factor authentication, otherwise known as MFA, and are actively and successfully targeting cloud services of US organizations. 

In an alert memo released by the Cybersecurity and Infrastructure Security Agency (CISA) last Wednesday, they have emphasized that “several recent successful cyberattacks” were conducted and focused on compromising the cloud. 

The Feds mentioned that “these types of attacks frequently occurred when victim organizations’ employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services.” They also added that “Despite the use of security tools, affected organizations typically had weak cyber-hygiene practices that allowed threat actors to conduct successful attacks.”

Rebyc Security released a study that reports that 35% of companies are planning to adapt to the cloud spurred by the pandemic work realities. This means that cloud adoption and migration will increase this 2021. With that, the National Security Agency has issued a warning that cyber attackers have developed techniques to target and compromise the clouds.