Cyber 101 – Multi-Factor Authentication

With a new cyberattack reported every day, everyone is asking one question: how can I make sure I’m not next? Cyber 101 is a series of blogs focusing on the ultimate basics of cybersecurity. By applying these simple remediations, you put your networks and accounts on their way to defending against cyber actors.

Authentication Factors

Cybersecurity utilizes three different types of authentication, focused on something that you know, something that you have, or something that you are. The most common example of something known is a password or passphrase. This type of authentication is based on a unique value that should only be known to your user. An example of something that you have can be a physical token or an app on your smartphone. Physical authentication is based on your user maintaining control of a physical object, eliminating the possibility that a known value can be guessed. The last authentication type, and least frequently used, is something you are, such as a fingerprint or ever-emerging face recognition technology. Biometric authentication is based on a unique feature of your user that is part of their physical makeup, and therefore cannot be recreated.


Why Use Multi-Factor?

The use of multi-factor authentication has become more common and widespread in recent years. Adoption is growing because it is relatively easy to implement and doubles the degree of difficulty of a non-legitimate login. In addition, by requiring two or more authentication factors, you eliminate the ability for a bad actor to compromise an account with only one piece of information, such as a guessed or stolen password. A further benefit of multi-factor authentication is the possibility of setting shorter lifespans for authentication requests. For example, by adding a generated code from a token, administrators can set time limits on the use of each authentication response, reducing the likelihood that a stolen response will still be valid. Requiring a password to be changed every fifteen minutes is not a feasible request, but pairing a known password with a one-time code increases system security.
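The short-lived one-time code described above, as an added example that is not part of the original post: a time-based one-time password (RFC 6238) checked together with the password result. The 30-second lifespan, six digits, and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # lifespan of each code (assumed; a common TOTP default)
DIGITS = 6         # code length (assumed)


def totp(secret, unix_time, step=STEP_SECONDS, digits=DIGITS):
    """One-time code per RFC 6238: HMAC-SHA1 over the current time-step counter."""
    counter = struct.pack(">Q", unix_time // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_login(password_ok, submitted_code, secret, now, drift_steps=1):
    """Accept only when BOTH factors pass.

    The code is compared against the current time step and `drift_steps`
    neighbours on each side, so a code is rejected once its window has passed.
    """
    if not password_ok:
        return False  # a valid code alone is not enough
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, now + delta * STEP_SECONDS)
        if hmac.compare_digest(expected, submitted_code):
            return True
    return False  # a valid password alone is not enough either


if __name__ == "__main__":
    secret = b"12345678901234567890"  # shared secret from the RFC 6238 test vectors
    code = totp(secret, 59)
    print("code at t=59:", code)
    print("password + fresh code:", verify_login(True, code, secret, 59))
    print("fresh code, wrong password:", verify_login(False, code, secret, 59))
    print("password + old code:", verify_login(True, code, secret, 1111111109, 0))
```
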

By utilizing multiple authentication factors, system owners can quickly make a non-legitimate login more difficult. Users should enable multi-factor authentication for any accounts that contain sensitive information, such as banking or email accounts.

Cyber 101 – DNS Resolution


What is DNS Resolution?

When you type http://www.google.com into your web browser, the domain name must be converted into an IP address before your traffic can be routed. Enter DNS, the Domain Name Server/System. DNS is the process used to convert domains into IP addresses and vice versa. DNS is crucial in allowing human users of web services to browse the internet.


Is DNS Resolution Important to Security?

Proper DNS resolution is critical to cybersecurity. The ability to correctly route internet traffic is core to the usability of the internet. DNS underpins the trust that your web traffic is being sent to the correct recipient. Unfortunately, malicious actors frequently try to override DNS resolution and control where sensitive information is transmitted. When a malicious actor overrides your DNS resolution, it is called DNS hijacking. Undetected DNS hijacking can result in users sending passwords, banking information, and more to criminals without ever knowing it.


Securing DNS Resolution

Securing DNS resolution ultimately boils down to trusting and verifying which system or set of servers is performing the name resolution. The vast majority of internet users allow their Internet Service Provider, or ISP, to resolve addresses. Reputable ISPs do a great job of DNS resolution and are a solid choice for most users. However, users and organizations that prefer a more dedicated focus on DNS resolution can subscribe to specialized services like Cisco’s Umbrella. Dedicated DNS services detect and defend against DNS hijacking and assist network administrators in controlling what web traffic is allowed in their environment. Parents can also use DNS resolution for advanced parental control, denying traffic categories such as gambling and mature content. Network administrators should regularly review their DNS servers for changes and, if possible, alert on any changes in real time.
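One way to review resolver settings for changes, as an added example that is not part of the original post: it parses resolv.conf-style text and reports any drift from an approved baseline. The baseline addresses, the sample file, and the function names are constructed for illustration.

```python
import ipaddress

# Assumed baseline: resolvers approved by a hypothetical organization
# (documentation-range addresses, not real servers).
APPROVED_RESOLVERS = {"192.0.2.53", "192.0.2.54"}

# Constructed sample of a resolv.conf whose second resolver was changed.
SAMPLE_RESOLV_CONF = """\
# managed by network team
nameserver 192.0.2.53
nameserver 203.0.113.66
search corp.example
"""


def parse_nameservers(text):
    """Return the resolver addresses configured in resolv.conf-style text."""
    servers = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) >= 2:
            try:
                # Normalize so equivalent spellings compare equal.
                servers.append(str(ipaddress.ip_address(fields[1])))
            except ValueError:
                servers.append(fields[1])  # malformed entry: still report it
    return servers


def resolver_drift(text, approved=APPROVED_RESOLVERS):
    """Compare configured resolvers with the baseline; empty lists mean no drift."""
    configured = parse_nameservers(text)
    return {
        "unexpected": [s for s in configured if s not in approved],
        "missing": sorted(approved - set(configured)),
    }


if __name__ == "__main__":
    drift = resolver_drift(SAMPLE_RESOLV_CONF)
    if drift["unexpected"] or drift["missing"]:
        print("ALERT: DNS resolver configuration changed:", drift)
```

Run on a schedule against the live configuration, the same comparison gives the regular review the paragraph recommends.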

Understanding and controlling DNS resolution is crucial to the secure routing of your network’s traffic. By verifying and monitoring your DNS resolution, you can rest assured that your information arrives at your intended recipient.

Cyber 101 – VPNs


What is a VPN?

Most folks have heard of a VPN and know it has something to do with network security, but what is a VPN exactly? VPN stands for Virtual Private Network and is best described as a “secure tunnel.” When a VPN tunnel is created, your browser makes a secure session to your content server and then routes all traffic through this tunnel. Now that we have the literal definition of a VPN, we can move on to the big question: do you need one?


Are VPNs secure?

Through aggressive marketing campaigns from NordVPN and PIA, many internet users have become convinced that a VPN is needed to conduct internet browsing safely. But what exactly are these services offering to their subscribers? In most cases, VPN tunnels simply change who can see your web traffic, not whether the traffic is more secure. When you open a browser and start surfing the web, you typically rely on your ISP (Internet Service Provider) to route traffic and create network sessions. You can alter this traffic by enabling a VPN tunnel and instead rely on your VPN provider to conduct your routing. The difference between these two session types is who establishes your connection and tracks your web sessions. If you are connecting to a website via HTTP/S, your traffic is, in fact, no safer from snooping in a VPN tunnel. The critical aspect of web browsing is ensuring that you establish secure connections, not who establishes the connections themselves.

When should I use a VPN?

The primary VPN use for a standard user is to mask the source of their traffic. Whether you are trying to hide from your ISP that you are pirating content or tricking your content provider into offering you another region’s availability, a VPN tunnel can change “where” a web request is originating. An important thing for consumers to remember is that you are not anonymous when browsing through a VPN tunnel; you only change who is watching your traffic, which becomes the vendor you subscribe to. If you are conducting illegal activity, your VPN provider can still report you, and under certain jurisdictions may be required to do so. Another typical use for VPN tunnels is when connecting to a company’s internal network. If you use your personal device to connect to work, you may be required to use a VPN. This tunnel is a security decision to protect the company’s resources, not your device. By requiring VPN tunnels to access an internal network, companies can control who and what is allowed in at their VPN gateway.

Now that you know what a VPN is, you can operate with a greater degree of certainty when deciding whether you need to subscribe to a company that offers them.

Cyber 101 – Password Requirements


Password Requirements: Do they work?

The odds are that at some point, you’ve had to battle your computer to find a password the system is willing to accept. So between requiring an ancient hieroglyph, the blood of a day-old fawn, and interpretive dance, why are password requirements so stringent?

Password requirements are built with two different principles in mind: complexity and uniqueness. By deconstructing each of these principles, we can highlight the importance of complex passwords in your environment.


Password Complexity

One of the more common methods used to steal passwords is what is known as a brute-force attack. In short, attackers run through a list of every possible password to an account until they find the correct combination. By introducing more complexity to a password, you drastically increase the number of possible options for the password. Let’s demonstrate with the example “password”:

  1. If you have no requirements set, a user could simply choose the password of “password.” With eight lowercase characters, the range of possible passwords is just over 62 billion.
  2. If you set a requirement for an uppercase and lowercase letter in the password, you might end up with “Password.” The range of possible passwords is now over 30 trillion.
  3. Adding a requirement of a number to your password, you could use “Passw0rd.” The range of possible passwords is now over 118 trillion.

This demonstration highlights how password complexity can help prevent brute-force attacks; there are simply too many possibilities for an attacker to try.

Password Uniqueness

Another standard method used to steal passwords is to compare the top exposed passwords from other breaches. It is widespread for attackers to sell lists of exposed passwords from other attacks. Many attackers will compare the top used passwords from different lists available, then run through the first several hundred options found against a known username or email address. In our previous example, you would expect “password,” “Password,” and even “Passw0rd” to be amongst the most frequently used passwords found. We already established that increasing password requirements increases the range of possible passwords chosen, decreasing the chance of selecting a common password.
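The two principles combined in one check, as an added example that is not part of the original post: a password is tested against the complexity rules from the demonstration and against a list of common passwords, showing that “Passw0rd” passes the first and fails the second. The tiny password list, the substitution table, and the function names are constructed for illustration.

```python
import string

# Constructed sample: a tiny stand-in for a list of passwords exposed in breaches.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}

# Assumed set of look-alike substitutions to undo before the lookup.
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                               "5": "s", "@": "a", "$": "s"})


def complexity_failures(password, min_length=8):
    """Complexity: the length, upper/lowercase and number rules from the post."""
    failures = []
    if len(password) < min_length:
        failures.append("too short")
    if not any(c.islower() for c in password):
        failures.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        failures.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        failures.append("no digit")
    return failures


def is_common(password):
    """Uniqueness: match the list even after case changes, look-alike
    substitutions, or digits and symbols appended to the end."""
    lowered = password.lower()
    stem = lowered.rstrip(string.digits + string.punctuation)
    variants = {lowered, stem,
                lowered.translate(SUBSTITUTIONS), stem.translate(SUBSTITUTIONS)}
    return any(v in COMMON_PASSWORDS for v in variants)


def evaluate(password):
    """Return every reason to reject the password; an empty list means accept."""
    reasons = complexity_failures(password)
    if is_common(password):
        reasons.append("matches a common password")
    return reasons


if __name__ == "__main__":
    for candidate in ("password", "Password", "Passw0rd", "Tr4il-Mix-Canyon"):
        print(candidate, "->", evaluate(candidate) or "accepted")
```
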

The next time you ask your user base to create an intricate password, this Cyber 101 post will hopefully help explain the reasons behind the requirements. An informed user base is an active user base, the best hope we have in recognizing and preventing cyberattacks.