Because not all forms of MFA are equally secure, the phishing-resistant fact sheet informs organizations and users of the threats to MFA and how to implement the most secure form of MFA. CISA also published an infographic of the hierarchy of MFA options, available at CISA.gov/MFA, which shows phishing-resistant MFA as the strongest choice.
For small and medium-size businesses that cannot immediately implement phishing-resistant MFA, the fact sheet on implementing number matching provides guidance on adopting mobile push with number matching as an interim option. While number matching MFA is a great interim mitigation, CISA encourages organizations to develop plans to migrate to phishing-resistant MFA.
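The following simulation is an added example, not code from CISA or the fact sheet; it models the common form of number matching (the sign-in screen shows a two-digit number that must be entered in the authenticator app) to show why a prompt approved without reading the screen no longer succeeds, while a legitimate sign-in still does. The server class, user names and request-id format are constructed for the example.

```python
import secrets


class PushMfaServer:
    """Simplified push-MFA back end, constructed for this example.
    With number_matching=True the sign-in screen shows a two-digit number and the
    authenticator app must send that number back; a bare 'approve' is rejected.
    Each pending request is consumed by its first response, so a wrong entry
    cannot be retried against the same prompt."""

    def __init__(self, number_matching: bool):
        self.number_matching = number_matching
        self.pending = {}  # request_id -> number shown on the sign-in screen (None if off)

    def start_login(self, user: str):
        """Called by the sign-in page; returns the push id and the number to display."""
        request_id = f"{user}:{secrets.token_hex(8)}"
        number = secrets.randbelow(100) if self.number_matching else None
        self.pending[request_id] = number
        return request_id, number

    def respond(self, request_id: str, approved: bool, entered=None) -> bool:
        """Called by the authenticator app; True only if the sign-in completes."""
        if request_id not in self.pending:
            return False  # unknown or already-consumed prompt: no replay
        expected = self.pending.pop(request_id)
        if not approved:
            return False
        if not self.number_matching:
            return True  # classic push: tapping 'Approve' is enough
        return entered is not None and entered == expected


def blind_approval_succeeds(number_matching: bool) -> bool:
    """A user approves a prompt they did not initiate (the push-fatigue case).
    They never saw the sign-in screen, so any number they enter is a guess;
    the guess is modelled as one that does not match."""
    server = PushMfaServer(number_matching)
    request_id, shown = server.start_login("alice")
    guess = None if shown is None else (shown + 1) % 100
    return server.respond(request_id, approved=True, entered=guess)


def legitimate_login_succeeds(number_matching: bool) -> bool:
    """The real user reads the number from their own sign-in screen and enters it."""
    server = PushMfaServer(number_matching)
    request_id, shown = server.start_login("alice")
    return server.respond(request_id, approved=True, entered=shown)
```

With number matching off, `blind_approval_succeeds(False)` returns True; with it on, the same blind approval returns False while `legitimate_login_succeeds(True)` still returns True.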
As part of long- and intermediate-term plans to apply Zero Trust principles, CISA encourages all organizations to implement phishing-resistant MFA. CISA recommends that organizations identify systems that do not support MFA and develop a plan to either upgrade these systems to support MFA or migrate to new systems that do.
In the past year, CISA has seen bypass attacks on MFA increase and intensify. However, we have heard about only some of these bypass attacks, because the attackers went public. All organizations should report incidents and anomalous activity to the CISA 24/7 Operations Center at email@example.com or Report | CISA, and/or to the FBI via your local FBI field office or the FBI's 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.