Microsoft: MFA bypass attacks are so rare we don’t have good statistics on them

A few years ago I attempted to turn on MFA for Office 365 accounts in one business I support. Half of the users were unable to use it or, more accurately, would not bother to read and follow instructions. Still, I’m amazed that less than 10% have made the switch…:

Attacks on Microsoft user accounts that are capable of bypassing multi-factor authentication (MFA) protections are so rare that the Redmond-based company doesn’t even have stats for them.

“Compared to password attacks, attacks which target non-password authenticators are extremely rare,” said Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft.

“When we evaluate all the tokens issued with MFA claims, we see that less than 10% of users use MFA per month in our enterprise accounts (and that includes on premises and third party MFA),” Weinert added.

The Microsoft security expert claims that this slow rate of adoption among Microsoft users is what’s kept attackers from evolving and deploying tools that can intercept MFA operations.

“Until MFA is more broadly adopted, there is little reason for attackers to evolve,” he said.

But he also warns Microsoft users that tools and methods for bypassing multi-factor authentication exist. One example is Modlishka, a tool that ZDNet analyzed earlier this year when it was released.


Original Article