www.androidpolice.com CISA issues warning that Russian hackers are bypassing two-factor authentication

2FA is great, but not perfect

Two-factor authentication (2FA) can be an important component of the steps you take to keep your accounts and data secure, but it's not without its flaws. As if the existing threats weren't concerning enough, now we're learning about how Russian state-sponsored hackers are undermining authentication in supposedly secure systems and disguising their access as that of legit account holders.

As early as May 2021, hackers exploited accounts linked to an unnamed non-governmental organization (NGO) and were able to access sensitive data, according to a new report from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA). Weak password choices and a long-dormant account didn't help the victims here — the attackers were able to get inside the old account, activate it, and enroll it in 2FA. Once the system viewed the hacked account as legit, the cyberattackers could run rampant — and they did, using a major Windows Print Spooler vulnerability, "PrintNightmare."

PrintNightmare surfaced last summer, and is a pretty serious vulnerability that exposes Windows systems to arbitrary code execution. Once compromised, an attacker can do basically whatever they want, with full system-level permissions. While the incident we're looking at today didn't reveal any new vulnerability in 2FA, it does make clear that system hygiene is everything. Whether you're setting up accounts on a new Galaxy S22 or you're an admin running an NGO's entire network, good password practices and killing old, unused accounts are two especially vital steps toward keeping systems secure.

As the BBC reported in February, almost three-quarters of ransomware money ends up in the coffers of hackers linked to Russia alone. If there's a way to compromise a system for profit or knowledge, chances are good someone — whether solo or state-sponsored — is already working on a way to sneak in (assuming they haven't found it yet). We'll just have to keep being vigilant and stay on top of device updates.

Steve is the Weekend News Editor for Android Police. He was previously the Deputy Digital Editor for Maxim magazine and has written for Inside Hook, Observer, and New York Mag. He's the author of two official tie-ins books for AMC's hit "Breaking Bad" prequel, "Better Call Saul."