MFA Fatigue Is Becoming More Popular with Threat Actors

November 3, 2022

digital-smart-contract-isometric-icon-concept-of-electronic-signature-vector-id1313551846

More and more, hackers are using social engineering attacks to gain access to corporate credentials and breach large networks. One of the techniques used is MFA Fatigue, which has become more widespread with the rise of multi-factor authentication. Although threat actors can use numerous methods to bypass multi-factor authentication, MFA Fatigue, or MFA push spam, has proven to be a success when breaching organizations such as MicrosoftCisco, and now Uber.

When an organization’s multi-factor authentication is configured to use ‘push’ notifications, employees see a prompt on their mobile devices when someone tries to log in with their credentials. An MFA Fatigue attack occurs when a threat actor runs a script that attempts to log in with stolen credentials over and over, night and day, to break down the target’s cybersecurity and inflict a sense of “fatigue” on the MFA prompts. Security professionals have suggested disabling MFA push notifications, limiting the number of MFA authentication requests per user and moving to FIDO hardware security keys to secure logins. Microsoft, Oktai, and Cyberark have made recommendations that include organizations going passwordless, setting thresholds and trigger alarms to the security operations center, and blocking user authentication from suspicious IP addresses.

Critical intelligence for general counsel

Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top