SIM Swap Derails SMS Two-Factor Authentication

30 Jun

We’ve written about two-factor authentication in the past, and how it is a vital part of any cyber security plan, whether you are a single user or a company with hundreds of employees. Though it does make it challenging for an attacker to infiltrate your network with these precautionary measures in place, new tactics are being used that threaten its viability. SMS two-factor authentication is now under scrutiny as various parties around the world have reported being hacked through a “SIM swap”. How much of a threat is it to businesses and individuals, and what alternative options can your company consider to protect its data and network?

SMS two-factor authentication is offered by most websites as a way to verify that the user changing any significant details within your stored data is a trusted entity. However, hackers have found ways to take control of a user’s phone number and steal the code sent as part of the two-factor authentication process. In a “SIM swap”, a hacker calls your phone company, impersonates you, and convinces the company to redirect your incoming texts to an entirely different SIM card. Then it’s only a matter of time before they can reset your passwords and “embody” your online persona.

All that being said, don’t use the above information as carte blanche to discontinue your use of SMS two-factor authentication. Security researcher and forensics expert Jonathan Zdziarski explains that two-factor authentication is meant to test something the user knows (a password) and something the user has (a mobile device). Unfortunately, that “something you have” has become “something that was sent to you”; in other words, it can be intercepted in a SIM swap. One way to avoid the SIM swap problem is to use tools such as Google Authenticator or an RSA token. These generate a code on the device itself that matches the one generated on the web service’s server, and the codes change every few seconds.

The idea of a SIM swap hasn’t hit mainstream attack status just yet, but it’s only a matter of time before companies big and small will have to reassess their two-factor authentication options. Utilizing a company like Neovera is a great start in staying one step ahead of the debilitating attacks that could easily cripple your organization. As an MSS/MSSP, Neovera utilizes over fifteen years of cyber security experience to manage and monitor your vital data and network components, leaving you with more time to focus on growing your business and reaching your goals.