User Response To A(nother) Facebook Breach
In September, Facebook released a statement concerning the breach of over 50 million accounts. Facebook states the vulnerability has been remediated, however where does this leave account holders?
Steps to Protect Your Facebook Account
Dragoon Security Group advises users take the following steps in order to safeguard their accounts:
Update virus protection and run a scan of any devices accessing Facebook.
Log out of Facebook
Change Facebook account password.
Enable 2-Factor Authentication for Facebook.
Re-Authenticate with Third Party applications utilizing Facebook Sign-On.
Change password to other accounts also using the previous Facebook password.
Monitor your Facebook account for unusual activity.
How to Enable Facebook 2-Factor Authentication
Go to your Security and Login Settings by clicking the top-right corner of Facebook and clicking Settings > Security and Login.
Scroll down to Use two-factor authentication and click Edit.
Choose the authentication method you want to add and follow the on-screen instructions.
Click Enable once you've selected and turned on an authentication method.
Note: Using a Third Party Authentication app is more secure, as mobile numbers can be spoofed to intercept SMS authentication.
What is 2-Factor Authentication?
2-Factor Authentication (2FA), also called Multi-Factor Authentication (MFA), is an additional level of securing log-in credentials to a device or application making it more difficult to compromise the account for unauthorized use.
In your everyday life, you've performed 2FA anytime you've had to enter a PIN when making an ATM withdrawal or show photo ID when writing a check. You're proving you are who you claim to be by confirming your identify through something you know or something you have.
2FA works in the same manner, but on a digital level.
Where Else Should I Have 2-Factor?
In our opinion, if the option for 2FA exists, you should enable it.
While the extra step may be a slight nuisance, the delay in seconds to access a device or account is well-worth the hours, days or weeks you could spend reclaiming a compromised account.
A compromised account could lead to professional financial and reputation duress, in the case of Business Email Compromise.
Business Email Compromise
Business Email Compromise (BEC) is a targeted financial attack conducted by organized crime groups targeting senior executives of US companies, large and small, through the use of spear phishing, social engineering and/or malware.
Since 2015, this attack vector has increased over 1,300% and known financial losses to companies has exceeded $3 Billion, with an average loss of $140,000 per incident. This may be higher due to organizations not reporting incidents or even realizing they're victims of a crime.
The criminal's intent is to impersonate the executive, requesting a subordinate to initiate a wire transfer or send sensitive data to the criminal group; this typically occurs at a time the executive would not be available in person to vet the request.
Criminals will monitor the executive's email and social media to identify when they are traveling, on vacation or otherwise indisposed from the office.
To combat this, enabling 2FA across the business aids in preventing BEC. 2FA comes standard on both Gmail Business and Microsoft O365 accounts.
How 2FA Fits Into Your Security Program
2FA is a component of NIST 800-53 security control IA-2, Identification and Authentication (Organizational Users) and it's enhancement controls.
2FA is an explicit requirement for NIST Cyber Security Framework, FFIEC, HIPAA, PCI, SC Insurance Data Security Act, and SOX
If you're curious on how deploying 2FA aids your organization's Information Security Program, further information can be found in NIST 800-63, Digital Identity Guidelines, or contact Dragoon Security Group to learn more.