


What are the risks of legacy authentication?

Although legacy authentication is still commonly (and legitimately) used in many organisations, it is a major security weakness, giving attackers 'back door' access to your corporate data.

Here are some rather stark facts from Microsoft about legacy authentication:

- More than 99 percent of password spray attacks use legacy authentication protocols.
- More than 97 percent of credential stuffing attacks use legacy authentication.
- Azure AD accounts in organizations that have disabled legacy authentication experience 67 percent fewer compromises than those where legacy authentication is enabled.

The reason for this is simple: unlike modern authentication protocols, legacy authentication methods (basic authentication over protocols such as IMAP, POP3, SMTP AUTH and Exchange ActiveSync) neither understand nor respect multi-factor authentication (MFA). The client sends a username and password and nothing else, so there is no point in the exchange at which a second factor can be demanded.

Let's run through an example of why legacy authentication represents such a security risk.

Through various nefarious means, a hacker has obtained a list of compromised username and password combinations for your organisation, including some C-level executives. No doubt the information contained in the mailboxes of these users could be useful for any number of further hacking activities.

"No problem though," I hear you say, "all our users are protected by MFA, and MFA can block almost all account compromise attacks." Whilst that statement is certainly true (MFA blocks over 99.9% of account compromise attacks, according to Microsoft), what is commonly overlooked is that MFA can only block account compromise attacks where modern authentication is being used. MFA is not effective against legacy authentication protocols.

Let's return then to our example: your users are all protected by MFA, but you haven't blocked legacy authentication protocols in your tenant. Your hacker can simply use a valid username/password combination they have stolen with an older mail client that does not use modern authentication (such as Outlook 2010 and below), or with any IMAP, POP3 or SMTP client that still speaks basic authentication. The stolen password alone is enough, and the MFA prompt the user would normally see never appears.
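The practical question that follows from the example above is how you would notice that sign-in in your own tenant, and whether a block on legacy authentication would have stopped it. The script below is an added example (not code from the original article): it triages sign-in records in the shape of the Microsoft Graph signIn resource (clientAppUsed, authenticationRequirement, conditionalAccessStatus, status.errorCode), flags successful legacy-protocol sign-ins where only a single factor was required, and checks each record against a Conditional Access rule that blocks the exchangeActiveSync and other client app types. The sample records, the user names and the clientAppUsed-to-clientAppTypes mapping are constructed assumptions for illustration.

```python
"""Triage Entra ID (Azure AD) sign-in records for legacy-authentication use.

Added example, not code from the original article. The records below are
constructed in the shape of the Microsoft Graph signIn resource; they are not
real log data.
"""
import json
from collections import Counter

# clientAppUsed values that the sign-in logs report for legacy (basic)
# authentication. These clients send only a username and password, so MFA
# cannot be enforced on them. Compared case-insensitively.
LEGACY_CLIENT_APPS = {
    "authenticated smtp", "autodiscover", "exchange activesync",
    "exchange online powershell", "exchange web services", "imap4",
    "mapi over http", "offline address book", "other clients",
    "outlook anywhere (rpc over http)", "outlook service", "pop3",
    "reporting web services", "smtp", "universal outlook",
}

# Constructed sample: one JSON object per line, as you would get from an
# export of the sign-in logs. The ceo@ record on IMAP4 is the attack in the
# article: a stolen password used over a protocol that never asks for MFA.
SAMPLE_SIGNINS = """
{"createdDateTime": "2021-03-01T08:02:11Z", "userPrincipalName": "ceo@example.com", "clientAppUsed": "Browser", "authenticationRequirement": "multiFactorAuthentication", "conditionalAccessStatus": "success", "status": {"errorCode": 0}}
{"createdDateTime": "2021-03-01T08:05:43Z", "userPrincipalName": "ceo@example.com", "clientAppUsed": "IMAP4", "authenticationRequirement": "singleFactorAuthentication", "conditionalAccessStatus": "notApplied", "status": {"errorCode": 0}}
{"createdDateTime": "2021-03-01T08:06:02Z", "userPrincipalName": "cfo@example.com", "clientAppUsed": "Exchange ActiveSync", "authenticationRequirement": "singleFactorAuthentication", "conditionalAccessStatus": "notApplied", "status": {"errorCode": 50126}}
{"createdDateTime": "2021-03-01T08:07:19Z", "userPrincipalName": "alice@example.com", "clientAppUsed": "Mobile Apps and Desktop clients", "authenticationRequirement": "multiFactorAuthentication", "conditionalAccessStatus": "success", "status": {"errorCode": 0}}
{"createdDateTime": "2021-03-01T08:09:55Z", "userPrincipalName": "bob@example.com", "clientAppUsed": "Other clients", "authenticationRequirement": "singleFactorAuthentication", "conditionalAccessStatus": "notApplied", "status": {"errorCode": 0}}
"""


def parse_signins(jsonl):
    """Parse newline-delimited JSON sign-in records."""
    return [json.loads(line) for line in jsonl.strip().splitlines() if line.strip()]


def is_legacy(record):
    return str(record.get("clientAppUsed", "")).lower() in LEGACY_CLIENT_APPS


def succeeded(record):
    # errorCode 0 is a successful sign-in; anything else (e.g. a bad password) is a failure.
    return record.get("status", {}).get("errorCode", 0) == 0


def triage(records):
    """Split records into modern sign-ins, successful legacy sign-ins and failed legacy sign-ins.

    Failed legacy sign-ins are worth keeping: a run of them against many
    accounts is what password spraying over IMAP or ActiveSync looks like.
    """
    result = {"modern": 0, "legacy_success": [], "legacy_failure": []}
    for r in records:
        if not is_legacy(r):
            result["modern"] += 1
        elif succeeded(r):
            result["legacy_success"].append(r)
        else:
            result["legacy_failure"].append(r)
    return result


def mfa_bypassed(records):
    """Users who got in over a legacy protocol with only a password required.

    authenticationRequirement == 'singleFactorAuthentication' on a successful
    legacy sign-in means the account's MFA registration played no part.
    """
    return sorted({
        r["userPrincipalName"] for r in records
        if is_legacy(r) and succeeded(r)
        and r.get("authenticationRequirement") == "singleFactorAuthentication"
    })


def legacy_apps_by_user(records):
    """Which legacy protocols each user is seen on; useful before turning on a block."""
    return dict(Counter((r["userPrincipalName"], r["clientAppUsed"]) for r in records if is_legacy(r)))


def client_app_type(client_app_used):
    """Assumed mapping from clientAppUsed to the Conditional Access clientAppTypes value."""
    if client_app_used == "Browser":
        return "browser"
    if client_app_used == "Mobile Apps and Desktop clients":
        return "mobileAppsAndDesktopClients"
    if client_app_used == "Exchange ActiveSync":
        return "exchangeActiveSync"
    return "other"


def would_be_blocked(record, blocked_client_app_types=("exchangeActiveSync", "other")):
    """Would a Conditional Access policy blocking these client app types have stopped this sign-in?"""
    return client_app_type(record.get("clientAppUsed")) in blocked_client_app_types


if __name__ == "__main__":
    recs = parse_signins(SAMPLE_SIGNINS)
    summary = triage(recs)
    print("modern sign-ins:", summary["modern"])
    print("MFA bypassed via legacy auth:", mfa_bypassed(recs))
    for r in summary["legacy_success"] + summary["legacy_failure"]:
        print(r["userPrincipalName"], r["clientAppUsed"], "blocked by policy:", would_be_blocked(r))
```

On the sample, the ceo@ IMAP4 sign-in and the bob@ "Other clients" sign-in both succeed with a single factor, which is exactly the MFA bypass the article describes; the cfo@ ActiveSync failure with error 50126 is the kind of record you would expect from a password attempt that did not land. All three would be stopped by a policy that blocks the exchangeActiveSync and other client app types, while the browser and modern desktop sign-ins are untouched. Run the triage over real exports for a few weeks before enabling such a block so that legitimate users of legacy clients can be moved to modern authentication first.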
