I called Spectrum last week for a client who had a computer breach. The client’s password was non-operational, and we needed assistance from their support. By simply providing their name, email address, and address I was able to change their password.
It was not done with malicious intent or to test their security, I was simply in a hurry and used the language that I know works best to get results from an internet service provider.
This is a great example where Two-factor authentication (2FA) would have prevented me to easily access someone else’s account.
If you have ever been to a website that requires numerical code to be sent via text to your cell phone for access to the website, you have used two-factor authentication. 2FA is an added layer of security that requires two of the three following things for access to your data:
- Something you know — like a password
- Something you have — like a numerical key code
- Something you are — like a fingerprint
Microsoft Authenticator and Google Authenticator are just a couple examples of 2FA solutions. They provide you with a 6 digit code that has to be entered when accessing an account.
We use 2FA for all of our accounts here at ASSI, therefore requiring employees to receive their 6 digit code by either:
- A call to a pre-defined phone number,
- A text sent to a pre-defined cell phone,
- The use of a pre-defined app.
Cast members for the hit television series “Game of Thrones” must set up 2FA on their emails to prevent them being hacked. Staff doesn’t get paper scripts any more but rather it must be viewed digitally. Scripts will not be distributed to anyone who is not using two-step verification.
This is most likely due to the breach where Behzad Mesri was charged with stealing unaired episodes of HBO programs such as “Ballers,” “Curb Your Enthusiasm” and “The Deuce.”
Mesri also stole scripts and plot summaries for “Game of Thrones,” according to the indictment. It said he obtained credentials that HBO employees use to access the network, then used those accounts to steal data from the company’s servers.
The U.S. Attorney is unable to arrest Mesri in Iran, but it will limit his ability to travel internationally.
Cybercriminals are constantly coming up with new ways to infiltrate systems, so we must constantly evolve security measures to keep up with the ever-changing technologies that they are using. Nothing can fully eliminate risk, but the use of 2FA is certainly more secure than using just a password alone.
We at Advanced Systems Solutions have helped to ensure that many different types of organizations are utilizing up-to-date security solutions. If you’re looking for a support company to ensure you are secure, with unmatched customer service, please contact us. We love to help!
Like our Facebook page by clicking on the icon at the top right of this page to stay up to date with date with current alerts and information!
Disclaimer: The above information is not intended as technical advice. Additional facts or future developments may affect subjects contained herein. Seek the advice of an IT Professional before acting or relying on any information in this communiqué