Your organization's service desk serves a critical role in resetting passwords, resolving IT issues, and setting end-users up with the software they need. And as the gatekeeper for password resets, it’s a prime target for cyber-attacks. Threat actors use social engineering tactics to exploit human vulnerabilities, manipulating your service desk staff into providing unauthorized access.
Without diligent attention and protective measures, your service desk could unwittingly become a weak point in your organization's cybersecurity framework. But thankfully, there are strategies to help keep your service desk agents safe. Let’s see what we can learn from some recent service desk attacks, then explore the best practices your organization should be following.
Service desk exploits
Social engineering attacks are becoming increasingly common, and service desks are a preferred target. According to Statistia, 71% of IT departments say they were targeted by a vishing (voice impersonation) social engineering attack in 2022, a 17% increase over the number of attacks in 2020. And the real-world impacts of social engineering attacks can be devastating; just ask EA Games and MGM Resorts.
The EA Games hack
The 2021 EA Games breach is a prime example of the real risks that threat actors pose to an organization’s service desk. Threat actors gained access to one of EA’s internal Slack channels, then messaged an IT support rep, saying they’d lost their phone at a party and requesting a multifactor authentication token to gain access.
Once inside, they created chaos, stealing source code data from games, game engines, and internal game development tools and then selling it on numerous underground sites.
All told, hackers got away with 750GB of data, including the source code for FIFA 2021.
The MGM Resorts hack
EA Games isn’t the only company whose service desk has fallen victim to a social engineering attack.
In 2023, a hacking group found an MGM Resorts employee's name on LinkedIn and then called MGM’s IT support desk to obtain credentials and gain access to its systems.
As a result, the hotel and entertainment titan suffered widespread outages across numerous Las Vegas properties, impacting everything from hotel room keys and internal networks to digital slot machines and electronic payment systems.
Weeks later, the news got even worse; although its casinos and hotels were “operating normally” again, the company announced that hackers had also gotten into its customer database, gaining access to personal information, including names, addresses, dates of birth, and (in some cases) driver’s license, social security, and passport numbers.
According to MGM, the attack cost the company about $100 million in lost revenue. Additionally, the organization spent $10 million on tech consultants, legal fees, and other third-party advisors as they attempted to mitigate and limit the damage caused by the attack.
Best practices for keeping your service desk safe
As EA Games and MGM Resorts now know firsthand, it’s essential to enforce cybersecurity best practices among your service desk staff. Follow these tips to boost your service desk’s security and safety:
Perform regular, ongoing cybersecurity training
Threat actors are always looking for new ways to gain unauthorized access to your organization’s systems and apps — so your service desk must stay one step ahead. Ensure your service desk agents receive regular, ongoing training on the latest social engineering schemes, phishing attacks, and other types of threatening activities.
Providing your service desk technicians with updated knowledge will help them effectively safeguard your organization.
However, it’s risky (and unfair) to place full responsibility for preventing social engineering onto service desk staff.
Automate your password reset procedure
The password reset process provides hackers with an attractive exploit; posting as a panicking employee with an important deadline or emergency situation, they try to convince a service desk technician to perform the password reset, ultimately giving them access to your organization’s system, application, or network.
You can avoid this whole scenario by taking the password reset process out of the hands of the service desk and automating it completely. Investing in password reset software — like Specops uReset — allows your end-users to independently (and securely) reset their passwords and update their locally-cached credentials without requiring VPN access.
This will not only reduce the burden on your service desk but will also go a long way toward protecting you against password reset social engineering scenarios.
Enhance end-user verification
Your service desk will always be an extremely attractive target for hackers. One of the best ways you can fortify your defenses is implementing a solution that allows your service desk personnel to securely verify that the person calling is who they say they are.
For example, a solution like Specops Secure Service Desk enables your service desk agents to use different methods — like sending a one-time password to the mobile number associated with the user account — to verify that the caller is who they claim to be.
This extra layer of security can help protect your service desk from falling victim to sophisticated social engineering attempts, moving away from unreliable and error-prone paper-based methods.
Specops’ Secure Service Desk offers various identity verification methods, including mobile or email verification codes and integration with trusted providers like Duo Security, Okta, and PingID — all of which rely on the user having a specific device, not just knowing the answer to a question.
Mitigate the potential for social engineering attacks on your service desk and ensure that users are verified before password resets or account unlocks. Speak to an expert about how Secure Service Desk could fit in with your organization.
Sponsored and written by Specops Software.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now