Following the cyberattack on Stryker Corporation earlier this year, Avatier has launched the Identity Challenge Card, a new solution designed to protect organizations when standard security measures fail. The attack on Stryker highlighted a critical vulnerability: when attackers target an organization's identity systems, the very tools used to verify employees and restore access can become compromised. Avatier's Identity Challenge Card is the first auto-enrolled, air-gapped Multi-Factor Authentication (MFA) solution that remains operational even when enterprise devices, networks, and identity platforms are compromised.
How the Identity Challenge Card Works
Unlike traditional MFA solutions that depend on devices, apps, or network connectivity, the Identity Challenge Card is a secure printed card pre-issued to each employee. Authentication requires only the physical card and a simple challenge-response exchange, with no need for a smartphone, app, battery, or internet connection. This air-gapped approach ensures that authentication remains possible even during a cyberattack that disables enterprise systems.
Key Features of the Identity Challenge Card
- No device or network dependency: Works without smartphones, apps, or internet connectivity.
- Auto-enrolled and enterprise-wide deployment: Can be deployed across an entire organization in a single day.
- Physical card-based authentication: Employees use a printed card for challenge-response login.
- Resilient against identity system compromise: Remains operational when identity providers or networks are taken offline.
Background: The Stryker Cyberattack
Public reports on the Stryker incident indicate that attackers gained access to administrative credentials and used enterprise device management tools to execute a large-scale device wipe. This locked employees out of their systems and disrupted internal operations across the organization. The attack underscores a growing trend in cybersecurity: identity infrastructure has become a primary target. Compromising identity systems can halt an entire business, not just expose data.
Why Traditional MFA Can Fail
Most enterprise MFA solutions rely on three dependencies: a user's device (e.g., a smartphone with an authentication app), a connected identity provider (such as Microsoft Azure Active Directory or Okta), and a live network connection. In a sophisticated cyberattack, all three can be knocked out simultaneously. Devices can be remotely wiped, identity providers can be taken offline, and network access can be disrupted. This leaves employees unable to log in, service desks unable to verify caller identity, and IT teams without a reliable way to restore access.
Additional Resources
Alongside the Identity Challenge Card, Avatier is highlighting its free Attack Cost Calculator at AttackCost.com. This tool enables executives to quantify the financial exposure of a cyberattack based on workforce size, average compensation, daily revenue, and projected system downtime.
Avatier's new solution provides a critical layer of security for organizations facing the growing threat of identity-targeted cyberattacks, ensuring that authentication remains possible even in the worst-case scenario.
