[CDP-development] CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication

Masse, Theresa theresa.masse at cisa.dhs.gov
Mon Oct 31 11:42:09 PDT 2022


FYSA

The Cybersecurity and Infrastructure Security Agency (CISA) released two fact sheets to give IT leaders and network defenders an improved understanding of current threats against accounts and systems that use multifactor authentication (MFA): "Implementing Phishing-Resistant MFA<https://www.cisa.gov/sites/default/files/publications/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf>" and "Implementing Number Matching in MFA Applications<https://www.cisa.gov/sites/default/files/publications/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf>."

Because not all forms of MFA are equally secure, the phishing-resistant fact sheet informs organizations and users of the threats to MFA and how to implement the most secure form of MFA. CISA also published an infographic of the hierarchy of MFA options that is available on CISA.gov/MFA<https://www.cisa.gov/mfa>, which shows phishing-resistant MFA as the strongest choice.

For small- and medium-size businesses that cannot immediately implement phishing-resistant MFA, the fact sheet on implementing number matching provides guidance for organizations to use mobile push with number matching as an interim option. While "number matching" MFA is a great interim mitigation, CISA encourages organizations to develop plans to migrate to phishing-resistant MFA.

As part of long- and intermediate-term plans to apply Zero Trust principles, CISA encourages all organizations to implement phishing-resistant MFA. CISA recommends that organizations identify systems that do not support MFA and develop a plan to either upgrade these systems to support MFA or migrate to new systems that support MFA.

In the past year, CISA has seen bypass attacks on MFA increase and intensify. However, we have only heard about some of these bypass attacks because the attackers went public. All organizations should share information on incidents and anomalous activity with the CISA 24/7 Operations Center at report at cisa.gov or Report | CISA<https://www.cisa.gov/report> and/or with the FBI via your local FBI field office or the FBI's 24/7 CyWatch at (855) 292-3937 or CyWatch at fbi.gov<mailto:CyWatch at fbi.gov>.

CISA has updated CISA.gov/MFA<https://www.cisa.gov/mfa> with this new guidance along with the infographic.

Theresa A. Masse
Cybersecurity State Coordinator/Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

