Two-Factor Authentication (2FA) has always been a near-surefire way to protect your accounts from hacking. After all, as long as you have the token generator on your person and don’t let anybody else touch it, how can a hacker gain access to your accounts?
Recently, however, it was revealed that a group of Chinese hackers could avoid 2FA countermeasures. This was a worrying development in the cybersecurity world, as 2FA is regarded as one of the easiest yet strongest ways to secure an account.
Who Performed the Attack?
The group behind this attack is no stranger to cybersecurity. They’re called APT20, and they’re a Chinese hacking group. They’ve made claims to have attachments to the Chinese government and have been spotted in the wild for the past ten years. As such, they’re definitely not new kids on the block – these are some of the most notorious hackers in the world.
How Did the 2FA Attacks Happen?
When you watch a 2FA code generator, it looks like it’s giving you random numbers generated out of nowhere. If this was true, however, it would be very hard for the system on the other end to verify that your code is legitimate!
To keep your 2FA device and the verification server in sync, they both share a seed between them. This seed tells both sides which codes will be generated in the future. With this seed, both the user’s device and the verification server are in sync with one another.
Therein lies the entryway for hackers. If they can get their hands on a working seed for the 2FA system, they can use it to generate codes for themselves. It’s as if they had their own 2FA device set up for that specific user.
A Dutch security team, Fox-IT, currently believes that this is what happened. They’re still unsure of the exact methods APT20 used to defeat the 2FA system, but they believe the hackers gained access to a compromised seed and used it to breach 2FA systems that used it.
Are Your Accounts Under Fire?
At the time of writing, APT20 wasn’t targeting civilian accounts. They were more interested in breaking into important governmental accounts, presumably due to their ties with the Chinese government. As such, you probably shouldn’t worry too much about your personal accounts being hacked by this group.
However, it is a good example of how 2FA isn’t always perfect. There are ways to circumvent the system, so it’s good to use additional lines of defense rather than purely relying on 2FA’s strength.
For example, just because your accounts have 2FA enabled, doesn’t mean you can skimp on the password strength! Make sure you have a solid password that’s hard to crack, as it’s an effective way of preventing hackers from even getting to the 2FA step.
Relying Less on 2FA
2FA is a useful tool for securing your account, but it isn’t 100 percent foolproof. The recent hacking attack by APT20 is proof that the system can be beaten. However, by refusing to depend entirely on 2FA, you can keep yourself safe even if someone can crack your 2FA.
Does this attack make you less confident in using 2FA? Let us know below.
Image credit: Wikimedia