* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, September 28, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

    TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

    Cardi B Adds More Dates to Little Miss Drama Tour: ‘Y’all Making Me Work’ – Yahoo

    Cardi B Extends Little Miss Drama Tour: “Y’all Making Me Work

    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    How Sustainable Technology is Shaping a Greener Future – Technology Magazine

    How Sustainable Technology is Driving the Revolution Toward a Greener Future

    Aurora police hope to add facial recognition technology to crime-fighting tools – CBS News

    Aurora Police Aim to Boost Crime-Fighting with New Facial Recognition Technology

    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

    TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

    Cardi B Adds More Dates to Little Miss Drama Tour: ‘Y’all Making Me Work’ – Yahoo

    Cardi B Extends Little Miss Drama Tour: “Y’all Making Me Work

    ‘Today’: Sheinelle Jones Thanks Katie Couric for Support After Husband’s Death – CBS 19 News

    Sheinelle Jones Expresses Heartfelt Thanks to Katie Couric for Support After Husband’s Passing

    Sate your hunger at DBA’s Taste of Downtown – Bakersfield.com

    Indulge Your Cravings at DBA’s Taste of Downtown!

    Caesars Entertainment (CZR): Assessing Valuation After Times Square Casino Setback and Mounting Investor Concerns – simplywall.st

    Caesars Entertainment Faces Times Square Casino Hurdles as Investor Concerns Mount

    Why Hilaria Baldwin Has Found the ‘DWTS’ Process ‘Embarrassing’ At Times – WFXG

    Hilaria Baldwin Opens Up About the Embarrassing Moments on Her ‘DWTS’ Journey

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    How Sustainable Technology is Shaping a Greener Future – Technology Magazine

    How Sustainable Technology is Driving the Revolution Toward a Greener Future

    Aurora police hope to add facial recognition technology to crime-fighting tools – CBS News

    Aurora Police Aim to Boost Crime-Fighting with New Facial Recognition Technology

    Autonomous Solutions shows off cutting-edge technology for the public – Cache Valley Daily

    Autonomous Solutions Unveils Cutting-Edge Technology for the Public

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    Amazon to Pay $2.5 Billion in Prime Membership Settlement – The New York Times

    What are we really gaining from technology? – Fast Company

    What Are We Really Gaining from Technology?

    TOMI Environmental Solutions, Inc. Expands SteraMist iHP Technology Services in Healthcare Sector with New Provider Partnership – Quiver Quantitative

    TOMI Environmental Solutions Accelerates SteraMist iHP Technology Expansion in Healthcare with New Provider Partnership

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

Don’t gamble with your identity verification practices

October 17, 2023
in Business
Don’t gamble with your identity verification practices
Share on FacebookShare on Twitter

Rick Grinnell

Opinion

Oct 16, 20235 mins

RansomwareSecurity

Ransomware attacks are becoming more prevalent and lucrative for hackers. These incidents are likely to persist until industry mechanisms are implemented to verify individuals’ identities effectively.

Déjà vu can suck sometimes.

Earlier this year, I wrote about the importance of organizations reviewing their password management strategies. I also emphasized that companies need to urgently review their employee access protocol, writing that companies must “make it a point to do continuous employee training to help your teams avoid being duped by phishing and malware tactics.”

But casino gaming companies MGM Resorts International and Caesars Entertainment were caught short in this area in recent weeks by hackers using identity-based and social engineering attacks that spoofed identity to gain access to secure systems.

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Please enter a valid email address

According to reports, MGM and Caesars were both customers of identity management company Okta. The firm had seen continuous patterns of activity that showed that bad actors tried to get passwords to privileged user accounts. Okta issued an alert to clients in late August warning about incoming threats by hackers to gain access to “manipulate the delegated authentication flow via Active Directory (AD) before calling the IT service desk at a targeted organization, requesting a reset of all MFA factors in the target account.”

Caesars noted in a filing that an “unauthorized actor” had stolen data in a social engineering attack targeting an outsourced IT support vendor, according to an InfoSecurity report. Caesars had seen some evidence of recent suspicious activity and learned on September 7 that its systems had been compromised, with the bad actors hacking into a loyalty program database with members’ Social Security and driver’s license numbers.

According to reports, the hacker groups identified as BlackCat/ALPHV and Scattered Spider are behind these attacks. Caesars and MGM were held to cash ransom demands in exchange for not releasing the data into the wild. Some reports noted that both organizations complied with the demands by paying the hackers ‘tens of millions of dollars.’

Both events showed a consistent pattern of using an employee’s identity and using social engineering to fool the IT helpdesk into providing access. According to a Reuters report, these ransomware bandits also breached the systems of several other companies operating in manufacturing, retail, and technology.

Understanding black hat attacks

Ransomware heists have become increasingly common in recent years as they have become more profitable for hackers.

The formula is well-known: black hat hackers encrypt a company’s data and demand a ransom payment for the decryption key. If the company does not pay the ransom, the hackers threaten to release the data to the public or sell it to other criminals. These cyber thieves target companies of all sizes but are often keen on enterprise organizations with valuable data.

This vulnerability is not unique to MGM nor Okta; it’s a systemic problem with multi-factor authentication. MFA, which was designed to authenticate devices, falls short in secure enrollment and recovery processes which is critical where identifying the human user is critical. This is an acknowledged limitation stemming from its original design as it wasn’t developed to address this specific challenge.

It’s worth re-mentioning that a 2022 study by security company Tessian and Stanford University professor Jeff Hancock found that employee mistakes and human errors were the cause of 88% of data breach events. IBM Security pegged that same number higher, to 95%.

In addition to the financial cost of the ransom payment, businesses can also lose revenue and productivity due to downtime and the need to recover from the attack. Ransomware heists can also damage a company’s reputation and erode customer trust.

How to combat ransomware attempts

Sadly, these events are likely to continue until industry mechanisms are installed to fact-check a person’s identity. This should happen across the board.

Should companies enact a ‘secret word’ response to verify one’s identity? Here’s a simple analogy: when you accidentally trip your home security system at home, your home security company contacts you to confirm if a break has occurred. When you answer, the company may ask for a ‘secret word’ to verify that it is you, the homeowner, and it was an accidental trip of the system. It sounds simple, but it could be a hedge against similar social engineering and phishing hacks. But this simplistic solution doesn’t scale and has its own vulnerabilities.

Taking this to the next level, a better solution to this problem would be an automated method to digitally validate a conversation on a peer-to-peer basis. This would verify that these identified persons are conversing within or outside an organization. It’s almost eerily similar to an early Star Trek episode (Whom Gods Destroy) when Spock encounters duplicate versions of Captain Kirk and requires a specific answer from Captain Kirk to be assured of the real Kirk’s identity. Okta has suggested adding video to the authentication workflow to address the spoofing issue, but this can easily be circumvented by all of the generative AI-based solutions in the market, similar to the Captain Kirk identity duplication.

Identity technology can solve this issue at scale, and innovative startup companies have begun to emerge. AI-enabled software solutions can add routine flows within your processes to prompt users to verify their identity as additional security before transactions or account changes. Today there are systems that can also verify attributes such as age and account ownership before speaking to an agent.

Numerous use cases can extend from call center verification to enterprise use verification and even into other business and personal categories in the years ahead. We should all be assured that we are interacting authentically with the person(s) who they say they are. It might make us feel safer and more secure in our connected world.

Related content

opinion

The changing face of cybersecurity threats in 2023

Cybersecurity has always been a cat-and-mouse game, but the mice keep getting bigger and are becoming increasingly harder to hunt.

By Dipti Parmar

Sep 29, 2023

8 mins

Cybercrime
Security

opinion

CIOs worry about Gen AI – for all the right reasons

Generative AI is poised to be the most consequential information technology of the decade. Plenty of promise. But expect novel new challenges to your enterprise data platform.

By Mike Feibus

Sep 20, 2023

7 mins

CIO
Generative AI
Artificial Intelligence

opinion

CIOs are worried about the informal rise of generative AI in the enterprise

What a difference a few months has made in both expected and unexpected ways

By Rick Grinnell

Aug 30, 2023

6 mins

Generative AI
Artificial Intelligence

opinion

The four Es of AI: Keeping up with the trend that never sleeps

Companies that educate, explore, experiment, and expand, perpetually, with the right pace and sequencing, are most likely to win with AI

By Michael Bertha

Aug 25, 2023

8 mins

Generative AI
Artificial Intelligence

Podcasts

Videos

Resources

Events

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Please enter a valid email address

Rick Grinnell

Rick Grinnell is Founder and Managing Partner of Glasswing Ventures, focusing on investments in AI-enabled security and enterprise infrastructure.

More from this author

Most popular authors

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : CIO – https://www.cio.com/article/655886/dont-gamble-with-your-identity-verification-practices.html

Tags: businessDon’tgamble
Previous Post

FinOps is the discipline enterprises need to optimize cloud spending

Next Post

How to get internal employee poaching right

Real-World Data Support Dual Benefit of Biologic Therapy for Hidradenitis Suppurativa – The American Journal of Managed Care® (AJMC®)

Real-World Data Support Dual Benefit of Biologic Therapy for Hidradenitis Suppurativa – The American Journal of Managed Care® (AJMC®)

September 28, 2025
Recession seems far off — that’s the good news. Yet the economy is also far from trouble-free. – MarketWatch

Recession seems far off — that’s the good news. Yet the economy is also far from trouble-free. – MarketWatch

September 28, 2025
TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

TicketSmarter Fall Entertainment Guide – Eastern Illinois University Athletics

September 28, 2025
Is Clover Health (CLOV) Using AI to Shift Its Healthcare Competitive Position? – simplywall.st

Is Clover Health (CLOV) Revolutionizing Healthcare with Cutting-Edge AI?

September 28, 2025
Iowa Matters Less Than Ever for Democrats, but They Can’t Quit It – The New York Times

Iowa Matters Less Than Ever for Democrats, but They Can’t Quit It – The New York Times

September 28, 2025
Little Spokane River Spill – Washington State Department of Ecology (.gov)

Little Spokane River Spill – Washington State Department of Ecology (.gov)

September 27, 2025
St. Pete City Council voices support to save shuttered Science Center – FOX 13 Tampa Bay

St. Pete City Council voices support to save shuttered Science Center – FOX 13 Tampa Bay

September 27, 2025
LDWF Announces Temporary Closure of the Nature & Science Center at Port Wonder – Louisiana Department of Wildlife and Fisheries (.gov)

Temporary Closure of the Nature & Science Center at Port Wonder Announced

September 27, 2025
The One Ingredient That Gives Chickpeas That Perfect Crunch – Yahoo

The Secret Ingredient That Makes Chickpeas Irresistibly Crunchy

September 27, 2025
How Sustainable Technology is Shaping a Greener Future – Technology Magazine

How Sustainable Technology is Driving the Revolution Toward a Greener Future

September 27, 2025

Categories

Archives

September 2025
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (840)
  • Economy (861)
  • Entertainment (21,735)
  • General (17,281)
  • Health (9,904)
  • Lifestyle (873)
  • News (22,149)
  • People (862)
  • Politics (871)
  • Science (16,070)
  • Sports (21,360)
  • Technology (15,843)
  • World (843)

Recent News

Real-World Data Support Dual Benefit of Biologic Therapy for Hidradenitis Suppurativa – The American Journal of Managed Care® (AJMC®)

Real-World Data Support Dual Benefit of Biologic Therapy for Hidradenitis Suppurativa – The American Journal of Managed Care® (AJMC®)

September 28, 2025
Recession seems far off — that’s the good news. Yet the economy is also far from trouble-free. – MarketWatch

Recession seems far off — that’s the good news. Yet the economy is also far from trouble-free. – MarketWatch

September 28, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version