
Wearable Biometrics MFA vs. Password & MFA to Stop Ransomware

Written by John Gunn, CEO, Token | Aug 22, 2023 5:27:00 PM

Enterprise cybersecurity is a war zone. Today, organizations face an ever-increasing number of cyber threats, from system intrusions and phishing scams, to ransomware attacks, web application attacks, and more – any of which can result in serious damage to enterprise assets and irreversible loss of data and intellectual property.

According to the Verizon DBIR 2022 report, over 80% of breaches in 2021 involved the “human element”. In particular, stolen credentials, malware, and ransomware let attackers do great harm to enterprise systems and data. The report also notes that stolen credentials and poor password practices have remained among the leading causes of breaches since 2009.

These practices, such as sharing passwords, reusing passwords across multiple accounts, and using the same password for work and personal accounts, create serious security risks. Yet, even today, passwords remain the most common authentication method for companies worldwide.

Multi-factor authentication (MFA), using factors such as one-time passwords (OTPs), hardware tokens, and biometric characteristics, was developed to address the password weaknesses that open the door to threat actors. These systems either eliminate the password entirely or strengthen password-based authentication with an additional factor that is difficult to compromise. Difficult, but not impossible: MFA is not infallible either, and organizations should not make the mistake of assuming it is.

Fortunately, there is an alternative authentication mechanism that is much safer than passwords and considerably more robust than traditional MFA: wearable biometric authentication. Wearable devices like the Token Ring provide an MFA solution that removes the risks of password-based authentication and, with them, a major entry point for data breaches and ransomware.

The Real Cost of Ransomware Attacks

Ransomware cripples businesses by encrypting their systems. Until the victim pays the attacker a ransom, the systems remain encrypted and therefore unusable. Most enterprise victims pay, hoping that the attacker will release their locked systems so they can restart operations as quickly as possible. Unfortunately, this does not always happen. In 2021, 32% of ransomware victims paid the ransom but recovered only about 65% of their data on average. In 2022, the share of victims who paid nearly doubled to 62.9%, and almost 30% of those did not get their data back. Simply put, paying the ransom does not guarantee that the attacker will release locked systems or hand over a working decryption key.

Per one report, ransomware attacks rose by a staggering 92.7% between 2020 and 2021. Another survey found that it was not just large enterprises being targeted: 66% of the mid-sized organizations surveyed were hit by ransomware in 2021, up from 37% in 2020. Average ransom payments also climbed in 2021, reaching $812,000, almost 5X the 2020 figure of $170,000. Beyond the ransom itself, the average recovery cost rose to $1.4 million and the average recovery time to about one month.

For a majority of organizations, ransomware also impacts operational continuity, causes reputational damage, and leads to lost business and ultimately, to lost revenues. In 2021, ransomware attacks cost U.S. businesses around $159.4 billion in downtime alone. Add in other costs like legal fees, remediation and post-recovery expenses, canceled contracts and projects, and higher insurance premia to the ransom paid, and the total expense of a ransomware attack could be as much as 5-7X the ransom amount. For many companies, these damages are insurmountable and can potentially lead to a complete business shutdown.

Ransomware Attacks, Passwords, and MFA

The DBIR 2022 lists credentials as one of the four most common pathways into a ransomware attack. Because too many corporate users do not follow safe password practices, attackers can easily obtain valid passwords and use them, often against Internet-facing virtual private networks (VPNs), to get inside the organization’s perimeter. Once they hold a working account, they deploy ransomware that encrypts the systems it can reach and takes them out of service. The Colonial Pipeline attack, in which the intruders logged into a legacy VPN account that was protected by a password alone, is one of the most prominent examples of this tactic. The malware may also spread to other network-connected devices, resulting in enterprise-wide encryption and lockout and multiplying the scale of the attack.

Is MFA the answer to preventing ransomware attacks? Perhaps, but only to a limited extent. Over the years, attackers have found ways past MFA: social engineering (tricking or fatiguing the user into approving a login or reading out a code), brute-forcing short one-time codes where the server does not rate-limit attempts, hijacking the victim’s user principal name (UPN) or account registration, stealing the session token issued after a successful login, and generating valid time-based codes from a stolen OTP seed.

For all these reasons, organizations should not rely on password-based authentication. Nor should they assume that every form of MFA closes those password weaknesses or, by itself, keeps ransomware out.

How Wearable Biometric Authentication Prevents Ransomware Attacks

Biometric authentication is an increasingly popular way to authenticate users and control their access to enterprise resources. Used as one factor in MFA, it relies on a person’s unique physical characteristics, such as fingerprints, retinas, or voiceprints, to verify that they are who they claim to be.

Biometric authentication provided by wearable devices like the Token Ring removes passwords from the authentication equation. With no password to steal, phish, or reuse, the stolen-credential pathway that the DBIR identifies as one of the most common routes into a ransomware attack is closed.

The Token Ring is enrolled with an authorized user’s fingerprint and uses it to verify their identity and authenticate their access requests. Its fingerprint proximity sensor ensures the device responds only to that user, and it detects when the ring is taken off, at which point the ring locks itself automatically so no one else can use it.

Easy to use, the Token Ring delivers the benefits of MFA and passwordless login in a single step. The authentication workflow is contactless and hands-free, simplifying the user experience regardless of which device, application, or network the user is trying to access.

All in all, wearable biometrics are a strong defense against ransomware because they remove the shared secrets that attackers steal, phish, or replay. Solutions like Token Ring also help prevent phishing, account takeovers, and man-in-the-middle (MitM) attacks, all of which are serious risks for today’s organizations.

Conclusion

Modern-day cyberattackers are increasingly leveraging ransomware as their weapon of choice against unprepared organizations. As we have seen, there’s plenty of evidence showing that it is passwords that allow them to access the keys to the kingdom. Traditional MFA is not an infallible solution either. Wearable biometrics can keep these precious keys out of their hands and protect organizations from ransomware and other types of attacks.

Token Ring is a simple wearable device for reliable, biometric-based authentication. It eliminates the vulnerabilities of outdated password-based authentication and is suitable for a range of industries, including those where data is the most valuable asset. Try Token Ring to see how it can protect your organization from ransomware attacks - Request a Demo.