If you’ve been following our blog posts, you know that online security is one of NGT’s top priorities. We strive to stay up to date against the relentless hackers and “bad guys” while staying informed about the best way to combat them. Information security is front and center at NGT.

The latest attack we’ve learned from and watched from afar deals with a company called LastPass. LastPass is a password manager that provides a place to store all your passwords in one place.  This is something that many people use as it has a free option. They had an incident last August where according to LastPass,

“The threat actor gained access to the Development environment using a developer’s compromised endpoint. While the method used for the initial endpoint compromise is inconclusive, the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication.”  (Ducklin, 2022)

In simpler terms, the “bad guy” was able to access via a malware infected device and could come back whenever and do whatever they wanted undetected.

Regardless of if you have used LastPass or not in the past here are some things you should do to help protect your online accounts:

  • Use MFA/2FA (Multifactor Authentication) on any service that supports it
  • Use long passwords
  • Do not reuse passwords between different systems or accounts
  • If you have a question, please ask

NGT strongly encourages having MFA (Multi-Factor Authentication) and 2FA enabled, but it’s not a secret force field of protection. It’s only as good as the policy and people enforcing it. Many companies will implement MFA and 2FA but use it incorrectly or sparingly for convenience.

The lesson here is that a little inconvenience may save you from the big inconvenience of a hack or crypto incident. The extra step of using MFA and 2FA to the fullest, or as directed, gives you an added security feature. Having it isn’t always enough but using it to its fullest potential offers the most security.

Don’t have MFA or 2FA and still want to try and be secure as possible? NGT also recommends changing passwords regularly. We sometimes forget that passwords are an important part of our lives. They keep our information and accounts safe, yet so many of us still use easy to guess passwords, don’t change them often enough, or use the same password for multiple accounts.

It’s essential that you create strong unique passwords for each of your online accounts to ensure your online safety. They should contain a mix of uppercase and lowercase letters, numbers, and special characters. This can be time-consuming and sometimes frustrating, but not nearly as frustrating as a full-on data breach.

You should also avoid using any obvious words or phrases such as birthdays or common terms in your passwords as they can easily be guessed or discovered through social engineering tactics. The stronger the password, the better! Keeping up with good password security is paramount to maintaining privacy and security online. Make sure you’re taking the necessary steps to protect yourself!

If you ever have questions about information posted in our blogs or would like to learn more, please contact us.

As always, NGT is here to help!
Contact ngthelp.com with questions.