Every Organisation Should Act Now to Stop COVID-19 Cyber-Attacks Exploiting Weak Passwords

Posted by Jay Bartlett May 12, 2020 10:14 am Categories: Cyber Security Tags: Authlogics, COVID-19, National Cyber Security Centre, NCSC, Steven Hope.

Authlogics has responded to advice from the National Cyber Security Centre (NCSC) for organisations to use better password management, in order to protect themselves against organised COVID-19 cyber-attacks.

The company is providing its Password Breach Status and Active Directory Audit Report free-of-charge, enabling organisations to check in minutes against the Authlogics Password Breach Database (a live report of more than 2 billion records), to determine if and to what extent they have been compromised and exposed.

The Authlogics Reports include:

The total number of breached credentials found in Authlogics Password Breach Database.
The email addresses of the most breached accounts in the organisation.
A per-user risk rating, including if they have used their network password for public logon.
Next steps on how to secure the organisation’s infrastructure, comply with new regulations and follow best practice.

Last week, it was revealed by the government that the UK is being targeted by state-backed cyber-attacks. The news follows a worrying report in March from the Department for Digital, Culture, Media and Sport that almost half of all UK businesses experienced a cyber-attack in the past year, meaning that vulnerabilities exist and are being exploited.

The NCSC is urging employees working in healthcare and medical research to change their passwords, as well as encouraging two-factor authentication to help defend against password spraying attacks.

However, as an Operations Manager at an NHS Foundation Trust explains, the process isn’t that straightforward for many organisations: “You can ask staff to reset their passwords, but the tools available to confirm that the password is chosen is of adequate strength and complexity are typically manual, time-consuming and do not allow a fast-enough response time.” Adding: “What’s more, if the most complex and sensible password is mismanaged, or has been previously compromised, its strength is diminished.”

The solution for this NHS Trust was to work with Authlogics, to understand its password breach status and then install its award-winning Password Security Management (PSM) and Multi-Factor Authentication (MFA) suite.

The comprehensive suite of tools allows IT managers to improve their overall security posture and give businesses a simple, secure, and compliant authentication method for their users.

Now when a member of the Trust’s staff attempts to create a new, Authlogics PSM automatically cross-references the proposed credential against NIST SP 800- 63 Digital Identity guidelines for good password practice, and simultaneously, it checks against the Password Breach Database.

If the password has been previously breached, the user is prompted to choose an alternative. The entire password checking and resetting process can be completed in under a second.

Authlogics provides public and private sector organisations around the world with a unique and cost-effective alternative to traditional authentication methods. Its CEO, Steven Hope, states: “The message that using the same password for different accounts, overly simple logins and sharing credentials has been elevated to the level of national importance.”
Hope continues: “As a matter of national and corporate security it is vital that every organisation acts today, to ensure they are not the weak link in the chain. With so much disruption and distraction already facing companies, a successful cyber-attack resulting from poor password management is both unnecessary and avoidable.”

In addition to receiving a free no obligation Password Breach Status Report which is available here: https://authlogics.com/password-breach-check, Authlogics is also offering its Password Security Management software (as used within the NHS) free for 30-days, with installation taking just one-day.

0 Comments

How An Innovative Control Room Can Help Secure The Budding Cannabis Market

It’s no secret that the cannabis industry is growing. Numerous states across the United States, from California to Maine, have legalized recreational cannabis, with 33 total states allowing cannabis for medicinal uses. And it’s not just the United States that’s seeing this trend: Canada’s official legalization of recreational cannabis took effect last October. This growth is leading to incredible opportunities in the industry, with the global market valued at $10.3 billion in 2018 and projected to reach $39.4 billion by 2023. This market opportunity expands far beyond the companies that directly deal with the cannabis plant, with numerous adjacent businesses on track to experience benefits.