* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, June 1, 2025
Earth-News
  • Home
  • Business
  • Entertainment

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

Don’t gamble with your identity verification practices

October 17, 2023
in Business
Don’t gamble with your identity verification practices
Share on FacebookShare on Twitter

Rick Grinnell

Opinion

Oct 16, 20235 mins

RansomwareSecurity

Ransomware attacks are becoming more prevalent and lucrative for hackers. These incidents are likely to persist until industry mechanisms are implemented to verify individuals’ identities effectively.

Déjà vu can suck sometimes.

Earlier this year, I wrote about the importance of organizations reviewing their password management strategies. I also emphasized that companies need to urgently review their employee access protocol, writing that companies must “make it a point to do continuous employee training to help your teams avoid being duped by phishing and malware tactics.”

But casino gaming companies MGM Resorts International and Caesars Entertainment were caught short in this area in recent weeks by hackers using identity-based and social engineering attacks that spoofed identity to gain access to secure systems.

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Please enter a valid email address

According to reports, MGM and Caesars were both customers of identity management company Okta. The firm had seen continuous patterns of activity that showed that bad actors tried to get passwords to privileged user accounts. Okta issued an alert to clients in late August warning about incoming threats by hackers to gain access to “manipulate the delegated authentication flow via Active Directory (AD) before calling the IT service desk at a targeted organization, requesting a reset of all MFA factors in the target account.”

Caesars noted in a filing that an “unauthorized actor” had stolen data in a social engineering attack targeting an outsourced IT support vendor, according to an InfoSecurity report. Caesars had seen some evidence of recent suspicious activity and learned on September 7 that its systems had been compromised, with the bad actors hacking into a loyalty program database with members’ Social Security and driver’s license numbers.

According to reports, the hacker groups identified as BlackCat/ALPHV and Scattered Spider are behind these attacks. Caesars and MGM were held to cash ransom demands in exchange for not releasing the data into the wild. Some reports noted that both organizations complied with the demands by paying the hackers ‘tens of millions of dollars.’

Both events showed a consistent pattern of using an employee’s identity and using social engineering to fool the IT helpdesk into providing access. According to a Reuters report, these ransomware bandits also breached the systems of several other companies operating in manufacturing, retail, and technology.

Understanding black hat attacks

Ransomware heists have become increasingly common in recent years as they have become more profitable for hackers.

The formula is well-known: black hat hackers encrypt a company’s data and demand a ransom payment for the decryption key. If the company does not pay the ransom, the hackers threaten to release the data to the public or sell it to other criminals. These cyber thieves target companies of all sizes but are often keen on enterprise organizations with valuable data.

This vulnerability is not unique to MGM nor Okta; it’s a systemic problem with multi-factor authentication. MFA, which was designed to authenticate devices, falls short in secure enrollment and recovery processes which is critical where identifying the human user is critical. This is an acknowledged limitation stemming from its original design as it wasn’t developed to address this specific challenge.

It’s worth re-mentioning that a 2022 study by security company Tessian and Stanford University professor Jeff Hancock found that employee mistakes and human errors were the cause of 88% of data breach events. IBM Security pegged that same number higher, to 95%.

In addition to the financial cost of the ransom payment, businesses can also lose revenue and productivity due to downtime and the need to recover from the attack. Ransomware heists can also damage a company’s reputation and erode customer trust.

How to combat ransomware attempts

Sadly, these events are likely to continue until industry mechanisms are installed to fact-check a person’s identity. This should happen across the board.

Should companies enact a ‘secret word’ response to verify one’s identity? Here’s a simple analogy: when you accidentally trip your home security system at home, your home security company contacts you to confirm if a break has occurred. When you answer, the company may ask for a ‘secret word’ to verify that it is you, the homeowner, and it was an accidental trip of the system. It sounds simple, but it could be a hedge against similar social engineering and phishing hacks. But this simplistic solution doesn’t scale and has its own vulnerabilities.

Taking this to the next level, a better solution to this problem would be an automated method to digitally validate a conversation on a peer-to-peer basis. This would verify that these identified persons are conversing within or outside an organization. It’s almost eerily similar to an early Star Trek episode (Whom Gods Destroy) when Spock encounters duplicate versions of Captain Kirk and requires a specific answer from Captain Kirk to be assured of the real Kirk’s identity. Okta has suggested adding video to the authentication workflow to address the spoofing issue, but this can easily be circumvented by all of the generative AI-based solutions in the market, similar to the Captain Kirk identity duplication.

Identity technology can solve this issue at scale, and innovative startup companies have begun to emerge. AI-enabled software solutions can add routine flows within your processes to prompt users to verify their identity as additional security before transactions or account changes. Today there are systems that can also verify attributes such as age and account ownership before speaking to an agent.

Numerous use cases can extend from call center verification to enterprise use verification and even into other business and personal categories in the years ahead. We should all be assured that we are interacting authentically with the person(s) who they say they are. It might make us feel safer and more secure in our connected world.

Related content

opinion

The changing face of cybersecurity threats in 2023

Cybersecurity has always been a cat-and-mouse game, but the mice keep getting bigger and are becoming increasingly harder to hunt.

By Dipti Parmar

Sep 29, 2023

8 mins

Cybercrime
Security

opinion

CIOs worry about Gen AI – for all the right reasons

Generative AI is poised to be the most consequential information technology of the decade. Plenty of promise. But expect novel new challenges to your enterprise data platform.

By Mike Feibus

Sep 20, 2023

7 mins

CIO
Generative AI
Artificial Intelligence

opinion

CIOs are worried about the informal rise of generative AI in the enterprise

What a difference a few months has made in both expected and unexpected ways

By Rick Grinnell

Aug 30, 2023

6 mins

Generative AI
Artificial Intelligence

opinion

The four Es of AI: Keeping up with the trend that never sleeps

Companies that educate, explore, experiment, and expand, perpetually, with the right pace and sequencing, are most likely to win with AI

By Michael Bertha

Aug 25, 2023

8 mins

Generative AI
Artificial Intelligence

Podcasts

Videos

Resources

Events

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Please enter a valid email address

Rick Grinnell

Rick Grinnell is Founder and Managing Partner of Glasswing Ventures, focusing on investments in AI-enabled security and enterprise infrastructure.

More from this author

Most popular authors

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : CIO – https://www.cio.com/article/655886/dont-gamble-with-your-identity-verification-practices.html

Tags: businessDon’tgamble
Previous Post

FinOps is the discipline enterprises need to optimize cloud spending

Next Post

How to get internal employee poaching right

Some birds are left behind in a race to beat the heat – Nature

Some birds are left behind in a race to beat the heat – Nature

June 1, 2025
A passing star could fling Earth out of orbit – Science News

A passing star could fling Earth out of orbit – Science News

June 1, 2025
John Hancock Multimanager Lifestyle Moderate Portfolio Q1 2025 Commentary (JALMX) – Seeking Alpha

Unlocking Potential: Insights from the John Hancock Multimanager Lifestyle Moderate Portfolio Q1 2025

June 1, 2025
Editorial: The world promised by AI isn’t necessarily a better one – Pittsburgh Post-Gazette

Editorial: The world promised by AI isn’t necessarily a better one – Pittsburgh Post-Gazette

June 1, 2025
Little Rock economy growing faster than other similarly-sized cities, study shows – thv11.com

Little Rock’s Economy Outpaces Peers: A Promising Growth Story!

June 1, 2025

Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

June 1, 2025
Why Gen Z Will Demand Crypto-Enabled Health Systems – Forbes

How Gen Z is Shaping the Future of Crypto-Enabled Health Systems

June 1, 2025
State Sen. Skoufis declares war on en­ter­tainment ticketing practices in closing days of session – Spectrum News

State Senator Skoufis Takes a Stand Against Unfair Ticketing Practices in Final Session Push!

June 1, 2025
Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

June 1, 2025
With college sports in limbo and key issues coming to a head, the spotlight is on the SEC: ‘It’s going to get heated’ – Yahoo Sports

SEC Showdown: Tensions Rise as College Sports Face Uncertain Future

June 1, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (656)
  • Economy (671)
  • Entertainment (21,577)
  • General (15,254)
  • Health (9,713)
  • Lifestyle (673)
  • News (22,149)
  • People (672)
  • Politics (679)
  • Science (15,891)
  • Sports (21,175)
  • Technology (15,658)
  • World (659)

Recent News

Some birds are left behind in a race to beat the heat – Nature

Some birds are left behind in a race to beat the heat – Nature

June 1, 2025
A passing star could fling Earth out of orbit – Science News

A passing star could fling Earth out of orbit – Science News

June 1, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version