An Example of How MFA Can Prevent a Cyberattacks with Gen AI

While no security method is completely unsurpassable, multi-factor authentication (MFA) systems are the first barrier of defence and are highly effective.

Not surprisingly, a report by the US Cybersecurity and Infrastructure Agency (CISA) claims that MFA makes users 99% less likely to be hacked.

Despite this, more than half of SMEs have not yet implemented MFA, as reported a few months ago.

“Multi-factor authentication (MFA) is one of the most effective means of stopping phishing created so far. Recently, however, new attacks and phishing-as-a-service (PhaaS) kits have emerged that can bypass MFA. These kits range from simple code to highly advanced products able to steal credentials, MFA tokens and other sensitive information,” explains Hervé Lambert, Global Consumer Operations Manager at Panda Security.

In any case, these systems usually thwart most attacks, as in the example shared by the cybersecurity company, in which MFA would have been able to halt a scam powered by generative artificial intelligence (Gen AI).

The case cited by Panda involves a technology company that provides cloud services for enterprises and therefore stores sensitive customer data, including financial and personal information.

Given the sensitivity of the data, the company has several layers of security, including MFA to access its systems.

Thus, one of its employees received a suspicious email, which appeared to come from an external service provider with whom the company works regularly.

The email asked the employee to click on a link and provide his login credentials to access a supposed security update.

However, the employee, aware of the phishing risks, decided not to follow the link and instead reported the suspicious email to the company’s security teams.

The security teams investigated and discovered that the link in the email was certainly a phishing trap designed to steal login credentials.

Although the worker did not take the cybercriminals’ bait, Panda points out that the MFA would have helped stop the attempted cyberattack in several ways. Firstly, it explains that it would have detected the unauthorised login attempt.

Although the phishing email was intended to trick the employee into providing their credentials, the additional layer of MFA required to log in provided an additional barrier.

Thus, had the employee provided his credentials, the attacker would still have needed the second authentication factor to access the account.

It would have also issued a notification of a suspicious login attempt, as the MFA system was configured to notify security administrators of suspicious or failed login attempts.

The login attempt from an unrecognised device would have triggered an alert to security teams, allowing them to investigate and take immediate preventative action.