A recently released federal report analyzing malicious cyber activity compromising the U.S. election provides yet another reminder that traditional authentication is not enough to combat cyberthreats.

The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) joint report analyzed efforts to “compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. government, political, and private sector entities.”

The malicious activity, referred to as Grizzly Steppe in the report, linked to the Russian civilian and military intelligence services, was labeled “part of an ongoing campaign of cyber-enabled operations.”

These operations included:

  • spearphishing
  • damaging or disruptive cyber-attacks
  • attacks on infrastructure networks
  • third party attacks using false online personas

The DHS released technical details and recommended network administrators review the IP addresses, file hashes and YARA signatures to root out malicious activities on their own networks.

The report also recommended a commitment to cybersecurity best practices. These included backing up critical information, analyzing cybersecurity risks, scanning for system vulnerabilities, implementing and practicing an incident response plan and testing for penetration openings. 

Giving Cyber Security Sharper Teeth

Behavioral biometrics represents yet another cybersecurity best practice that can assure the integrity of a session post log-in. This holistic, continuous approach to user authentication analyzes hundreds of behavioral parameters every second. The BioCatch system uses 500+ unique metrics to differentiate between direct and remote users. Identifying the subtle differences between human and non-human users can lead to quicker alerts of breaches while also reducing false alarms.

While many organizations today are moving to two-factor authentication  — in which the user enters a username and password and then is faced with a second security protocol (such as security questions) before being authenticated — continuous authentication is the more effective solution. Consistently monitoring user activity throughout the cyber-interaction detects fraudulent activity without causing friction for legitimate users. In fact, with BioCatch’s patented Invisible Challenges, the user is unaware that testing or authentication is in progress. 

View our Webinars to Learn More Best Practices

 

Sources:

Grizzly Steppe — Russian Malicious Cyber Activity. (2016, December 29). https://assets.documentcloud.org/documents/3248231/Report-on-Russian-Hacking.pdf

  

Related Posts