Late on Wednesday, it was confirmed that Anthem, the second largest health insurer in the U.S., was breached (ransacked is the word used to describe the attack and severity of the access). While it isn’t known yet how the attackers got in, this was a breach that allowed for server takeover and the run of their network it appears.
I found this particular quote interesting:
Staff with high-level access to the IT systems have had their passwords reset, and those using single-factor authentication locked out, we’re told.
So if high-level IT staff had their passwords reset, how are they also supposed to be locked out? If you have passwords, you only have single-factor authentication, so this statement seems like someone doesn’t know what they are talking about.
Yet at the same time, this one statement seems to point to the idea that at least some people may have had 2FA, or that there was awareness of a need for such things. Of course, that leads to the question of why they didn’t have this deployed to more users (IT staff at a minimum) and whether doing so could have prevented, or at least minimized, the breach severity.
GreenRADIUS provides a simple, highly scalable, and very cost-effective solution for deploying 2FA within any organization. While 2FA is not a panacea or silver bullet for all problems, having 2FA in place at least brings some parity to the costs of defending against attacks by raising the costs of making those attacks.