On July 20, 2022, Cloudflare was targeted in a sophisticated SMS phishing scheme of a kind that we believe would be likely to breach most organizations. Text messages to employees were disguised as official-looking communications, with “cloudflare” and “okta” appearing in the hacker-controlled domain. The fake login page was designed to steal credentials and even to collect time-based one-time passwords (TOTP) in an attempt to unlock internal company access.
While a few employees did enter their credentials, Cloudflare’s network was not compromised, thanks largely to the hardware-based security keys issued to all employees for MFA. With our Zero Trust platform in place, Cloudflare was able to move from initial attack identification through full mitigation quickly and effectively.
Join this webinar where we’ll walk through the entire chain of events in detail and discuss:
Agenda
Why not all MFA is created equal, and how strengthened FIDO U2F / FIDO2 implementations like security keys can thwart phishing attacks
How a ZTNA service like Cloudflare Access simplifies the rollout of strong authentication across all types of resources, even legacy apps
Where Cloudflare’s Zero Trust platform played a role in mitigating this and similar attacks, from blocking the new domain to logging all authentications and killing active, compromised sessions
How a “paranoid but blame-free” culture is critical for security and helps businesses move quickly during critical incidents
Ella Monck
Cloudflare Area 1 Specialist EMEA
Alonso Bustamante
Senior Director, Special Projects
Matt Egan
Editorial Director, Innovatus Media
Matt is the Editorial Director at Innovatus. He enjoys giving executives the time and space to think about new ideas, as well as looking at the impact technology has on culture. His hobbies include being tormented by his two children as well as reading, once his kids are asleep.