Device-based attacks will make a comeback
Sometimes a prominent security incident or close call can cause a widespread shift in strategies.
That happened in 2022, when a collective of hackers known as Scatter Swine conducted waves of social engineering and SMS-based credential phishing campaigns to attempt to bypass MFA and access information in dozens of large companies. We studied nearly three dozen of these targeted companies and found that nearly all of them adopted strong phishing-resistant authenticators in the wake of the attack.
While embracing phishing resistance is critical, it isn’t sufficient. When persistent attackers can no longer rely on phishing as a tactic, they’ll pivot to something else.
We’re already seeing a shift to device-based attacks, with hackers working to compromise users’ phones, laptops, and networks. They might trick a user into installing malware, for example, and then steal their login credentials so they can access sensitive systems and data within the user’s company.
Fortunately, we’re far from helpless against device-based attacks. By establishing device trust, organizations can restrict access to specific resources so that only managed devices can reach them. And by integrating signals from endpoint detection and response (EDR) services into the authentication flow, organizations can prevent devices that are compromised with malware from establishing a session.
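The two controls described above can be combined into one decision made when a session is established. The sketch below is an added example, not code from any product: the resource names, the verdict strings and the 15-minute freshness window are all assumptions, and it goes one step beyond the text by failing closed when the EDR signal is missing or stale.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Every name, field and threshold here is hypothetical, chosen for illustration.
MAX_SIGNAL_AGE = timedelta(minutes=15)      # assumed freshness window for EDR posture
MANAGED_ONLY = {"payroll", "source-code"}   # assumed resources limited to managed devices


@dataclass
class EdrSignal:
    verdict: str            # "clean" or "compromised", as reported by the EDR service
    observed_at: datetime   # when the EDR service last evaluated the device


@dataclass
class Device:
    device_id: str
    managed: bool                    # enrolled in device management (device trust)
    edr: Optional[EdrSignal] = None  # None when no EDR agent reports for the device


def session_decision(device: Device, resource: str, now: datetime) -> tuple[bool, str]:
    """Return (allowed, reason) for a device asking to open a session."""
    edr = device.edr
    # A device the EDR service flags as compromised gets no session at all.
    if edr is not None and edr.verdict == "compromised":
        return False, "EDR reports compromise"
    # Only a recent "clean" verdict counts as evidence of good posture.
    fresh_clean = (
        edr is not None
        and edr.verdict == "clean"
        and now - edr.observed_at <= MAX_SIGNAL_AGE
    )
    if resource in MANAGED_ONLY:
        if not device.managed:
            return False, "unmanaged device"
        if not fresh_clean:
            # Fail closed: an old or absent verdict says nothing about the device now.
            return False, "missing or stale EDR signal"
    return True, "allowed"


# Constructed sample input: a managed laptop whose last clean verdict is two hours old.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
STALE_LAPTOP = Device("laptop-01", True, EdrSignal("clean", NOW - timedelta(hours=2)))
```

Evaluating `session_decision(STALE_LAPTOP, "payroll", NOW)` denies the session even though the device is managed and its last verdict was clean, because that verdict is older than the freshness window.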