The first-of-its-kind offering prevents MFA bombing attacks to keep key services online
Xage, the zero trust security company, introduced the first-ever distributed, multi-layer multi-factor authentication (MFA) designed for real-world operations.
Critical infrastructure systems areย increasingly under attack, and these complex environments filled with legacy technologies are notoriously difficult-to-secure. Federal security directives and alerts from theย TSAย andย CISAย require improved MFA in Operational Technology (OT) environments; however, operators canโt rely on traditional IT-based MFA tactics to protect essential services.
Human error causesย 95% of security breaches. Bad actors exploit this through MFA bombing, a technique which sends numerous secondary MFA requests until the user unintentionally grants permission. This can happen when MFA requires only one additional factor to log-in, such as a one-time password sent to a secondary device. For instance, digital extortion group Lapsus$ recentlyย breached identity management platform Oktaย through a third-party provider using MFA bombing.
Latest ITechnology News: Lantronix Contributes to Creation of EchoNous AI-Assisted Handheld Ultrasound Device
To prevent attacks that rely on human error and social engineering, such as MFA bombing, critical operations need multiple layers of authentication. Xageโs multi-layer MFA combines zero trust access control with a defense in-depth authentication strategy. Users reconfirm their identity as they are granted each layer of access privilege, allowing independent user verification at the level of a whole operation, a site, or even a single asset. As a result, compromise of an individual authentication factorโsuch as would happen in an MFA bombing attackโdoes not allow the attacker to compromise the userโs whole identity and gain illegitimate access to assets, systems, or applications. Xageโs multi-Layer MFA makes critical infrastructure essentially impenetrable to MFA bombing, delivering real world zero trust using a defense-in-depth approach.
โCritical infrastructure asset owners and operators are in the crosshairs of the evolving threat landscape, and TTPs are becoming more sophisticated, including MFA bombing,โ said Jonathon Gordon, Directing Analyst at Takepoint Research. โXageโs multi-layer MFA solution requires users to pass an additional and unique MFA challenge at each layer. This distinctive approach can further secure critical operations against malicious actors using advanced MFA attacks and prevent major shutdowns that impact both production systems and the safety of communities they serve.โ
โMulti-layer MFA is hard to achieve in IT environments, and even harder in OT. Managing authentication for thousands of dispersed technologies of different vintages that donโt inherently support MFA becomes too complex,โ said Duncan Greatwood, Xage CEO. โXage now makes it easy for customers to utilize multi-layer MFA at each site, asset, zone, and subsystem, without the need to rip and replace existing systems. Combined with our zero trust identity and access management capabilities, operations can now manage access and interactions at each layer of the environment.โ
Latest ITechnology News: UL Launches New SafeCyber Solution and Platform Features to Address Mounting Security Threats
Xageโs solution fingerprints each device and user across the entire network. User access is then precisely controlled, restricted only to specific devices or systems, time or session length. Even if adversaries break through one layer or an individual site, theyโre isolated and unable to further infiltrate the system, ensuring critical services remain operational.
The increase of hacks and new federal regulations combined add urgency to the adoption of Xageโs technology. Just this month, Xageย announcedย that critical infrastructure customers have more than doubled in the past year, and two-thirds are accelerating zero trust rollouts to meet government requirements.
Latest ITechnology News: DataRobot AI Cloud Launches on Google Cloud Marketplace
[To share your insights with us, please write toย sghosh@martechseries.com]
