Computer Security: Banks and work


Over the past few months, the Computer Security team and the Identity and Account Management team have started to roll out two-factor authentication (2FA). 2FA is widely regarded as the single most effective protection for computing accounts: a password on its own no longer gets an attacker in. You find it everywhere: for accessing Facebook, Twitter, Gmail and many other services. Your bank uses it to protect your money. Still, we are facing resistance. And I’m starting to wonder why it is that people at CERN are perfectly willing to protect their bank accounts with 2FA while trying to avoid using it to protect their work, which is what puts the money in said accounts in the first place…

CERN is under attack, like any other organisation, institute or company, many of which have been hacked or compromised and their data stolen (see here and there). A successful ransomware attack against CERN could have devastating consequences for our operations and reputation. Ransomware attacks, like many other forms of attack, usually take the route of you clicking on a malicious link, opening a malicious attachment or browsing a dodgy webpage, and subsequently infecting your computer. While the consequences for your laptop are local (and can be very nasty), the next hop from that compromised device most likely requires your password. A password that can now be easily intercepted by an attacker who has a foothold on your device. Other successful ransomware attacks are more direct. By asking. By you providing your password directly to an attacker, via a fake login page. Every year, between 10% and 20% of us fall for the Computer Security team’s own clicking campaign and type our password into its fake login page. That is 10% to 20% of all CERN passwords handed over. Lost, had the campaign been real.
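To make concrete why a phished or intercepted password is worth so much less once 2FA is in place, here is an added example (not code from CERN or from this bulletin) of a small TOTP-protected login in the style of RFC 4226/6238. The account, the password and the login times are constructed for the demonstration; the TOTP seed is the reference seed from those RFCs, so the one-time codes it produces are the published test vectors. The demo plays through the scenarios in the paragraph above: the attacker holds the correct password but no second factor, the attacker replays a one-time code captured on a fake login page, and the attacker holds a fresh code but the wrong password.

```python
"""TOTP-protected login (RFC 4226/6238) showing why a phished password alone is not enough.
Added example; constructed account and timings, not a real system."""
import hashlib
import hmac
import secrets
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, now // step, digits)


class Account:
    """Server-side record: salted password hash, TOTP seed and the last accepted time step."""

    def __init__(self, password: str, totp_secret: bytes):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 200_000)
        self.totp_secret = totp_secret
        self.last_counter = -1  # highest TOTP step already consumed; blocks replay of a captured code


def login(acct: Account, password: str, otp, now: int, step: int = 30) -> str:
    """Return "ok" or the reason for rejection. Both factors must pass."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), acct.salt, 200_000)
    if not hmac.compare_digest(candidate, acct.pw_hash):
        return "bad-password"
    if otp is None:
        return "otp-missing"  # a phished password on its own stops here
    current = now // step
    # Accept the current step and the previous one (clock skew, typing delay),
    # never an older step and never one that has already been consumed.
    for counter in (current - 1, current):
        if counter <= acct.last_counter:
            continue
        if hmac.compare_digest(hotp(acct.totp_secret, counter), otp):
            acct.last_counter = counter
            return "ok"
    return "otp-rejected"  # wrong, expired or replayed code


def demo() -> list:
    """Constructed scenario using the RFC 4226/6238 reference seed; returns the outcome of each attempt."""
    seed = b"12345678901234567890"  # reference seed, so step 1 yields the published code 287082
    pw = "correct horse battery staple"  # constructed password
    acct = Account(pw, seed)
    results = []
    # 1. The legitimate user logs in at t=45 (step 1) with the current code.
    results.append(login(acct, pw, totp(seed, 45), 45))
    # 2. Attacker with the phished password but no second factor.
    results.append(login(acct, pw, None, 50))
    # 3. Attacker replays the code captured on the fake login page, still within step 1.
    results.append(login(acct, pw, "287082", 55))
    # 4. Attacker replays the same captured code a minute later (step 3).
    results.append(login(acct, pw, "287082", 100))
    # 5. Attacker has a fresh code but the wrong password: still denied.
    results.append(login(acct, "wrong", totp(seed, 100), 100))
    # 6. The legitimate user logs in again with the current code.
    results.append(login(acct, pw, totp(seed, 100), 100))
    return results


if __name__ == "__main__":
    for attempt, outcome in enumerate(demo(), 1):
        print(attempt, outcome)
```

Running the demo gives ok, otp-missing, otp-rejected, otp-rejected, bad-password, ok: the password that 10% to 20% of us hand over in a clicking campaign opens nothing on its own, and a one-time code lifted with it dies within its 30-second step and cannot be reused once the real user has logged in. One caveat a practitioner would add: a fake login page that relays the password and code to the real service in real time can still get in during that window, which is why phishing-resistant second factors such as FIDO2/WebAuthn keys, bound to the genuine site's origin, are stronger than codes typed by hand.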

Lots of juice for an attacker if those campaigns were real. Just think what they could access with your password. What power they could inherit from you. What the attacker could do if they could observe you working on different IT services, controls systems and financial applications. And what could happen if the attacker started acting on their own. Stopping accelerators? Manipulating experiments? Disabling safety systems? Stealing money? Deleting files? Exposing personal data? Impacting CERN’s reputation?

In order to protect CERN…

Source…