Implementing Multi-Factor Authentication in Response to Cybersecurity Breach

Case Study: Implementing Multi-Factor Authentication in Response to Cybersecurity Breach

About the Firm: 

The client is a professional services organization in the Midwest and Western United States. They are a top player in their field regionally and have been a partner of GadellNet since 2017.  With their permission, they let us share their story, so it doesn’t happen to you.

About the Breach:

The firm experienced a breach to their cloud-based email and file storage platform as a result of a targeted phishing attack. They were tipped off to the breach when the payroll system flagged a transaction for $150,000 for three hours of work made payable to a fictional employee.   To compound the issue, this breach happened the same week that the payroll accountant and the company’s CEO were both out of the office.

The firm had transitioned to the cloud because of a ransomware attack on their previous on-premises environment. In that situation, the servers had been taken hostage via the use of an old admin password. When the cloud migration project was completed, the firm was advised to implement multi-factor authentication (MFA). They opted out of the implementation until a more convenient time.

As soon as the breach was mitigated by GadellNet’s cybersecurity team and the environment had been resecured, the main point of contact met with their dedicated GadellNet account manager to talk about implementing MFA.

Key Learnings:

  • Being proactive by implementing security measures like MFA is the best deterrent for data breaches.
  • Most data breaches occur because an employee accidentally lets in a bad actor. These guys are getting good, not to mention patient, which is why it is of paramount importance to train employees on how to detect phishing scams.
  • Since email addresses are usually also a username, hackers already have access to half the information they need to breach the system.
  • Employees can be targeted based on their role within the organization.
  • Once a breach has occurred, it is likely that the bad actor will return in short succession. Remaining vigilant, even after the first attack has been stopped, is the best way to protect against further data loss.

 Result:

MFA can seem like an annoying extra step, but it could be the difference between a secure server and a major breach. Since GadellNet implemented MFA, the firm’s leadership have reported that they sleep better at night knowing that the solution stops 99.9% of breaches from email.

Attacks like this one can no longer be treated as an “if…”, they are a “when…”. Bad actors are becoming more adept at infiltrating your systems and attacks are becoming harder to identify. Without proper cybersecurity precautions, your organization could be left exposed.