US State Department suffers Breach after Failing to Implement 2FA

Password-based security is entirely insufficient at protecting large numbers of users from determined attackers

The US State Department has confirmed an email security breach, which may have affected hundreds of employees, exposing their personal information to attackers. Reports emerged last Monday that the incident earlier this year affected “less than 1 percent of employee inboxes.” According to State Department figures, it employs nearly 70,000 staff, meaning in the region of 700 could be affected by the breach.

Craig Young, security researcher at Tripwire, said: "Password-based security is entirely insufficient at protecting large numbers of users from determined attackers. A long history of major breaches has thoroughly demonstrated that people generally stink at selecting passwords and tend to use the same (or similar) passwords across many sites. Systems which authenticate users based solely on a password are simply not secure.

"Although not foolproof, the use of multi-factor authentication schemes can greatly reduce the chances of account compromise."

