
When MFA Fails: Identity Infrastructure Under Siege and What State CISOs Must Do Now

Published on May 5, 2026
<p> <strong> Threat Assessment Level: ELEVATED </strong> <em> (Maintained from prior cycle &mdash; driven by active AiTM phishing at unprecedented scale, confirmed cloud provider compromise for espionage, and emerging AI infrastructure exposure across government networks) </em> </p> <h2> <strong> Introduction </strong> </h2> <p> Seventy-two hours. Thirty-five thousand compromised accounts. Thirteen thousand organizations. And your push-notification MFA didn&rsquo;t stop any of it. </p> <p> The intelligence collected through May 5, 2026 paints an unambiguous picture: <strong> the identity layer is now the primary battleground </strong> , and the controls most state agencies rely on &mdash; TOTP codes, push notifications, SMS &mdash; are no longer sufficient against adversary-in-the-middle (AiTM) phishing at scale. Simultaneously, espionage actors are compromising the cloud providers your agencies trust implicitly, and AI tools are being deployed across your environment without authentication, creating attack surface your security team doesn&rsquo;t know exists. </p> <p> This isn&rsquo;t theoretical. These campaigns are active, targeting U.S. government organizations specifically, and the window to act is measured in days &mdash; not quarters. </p> <h2> <strong> What Changed </strong> </h2> <table> <thead> <tr> <th> <p> Development </p> </th> <th> <p> Why It Matters for State Government </p> </th> </tr> </thead> <tbody> <tr> <td> <p> <strong> AiTM phishing campaign </strong> compromised 35,000 users across 13,000 organizations in 72 hours (April 14&ndash;16) &mdash; 92% U.S. targets </p> </td> <td> <p> Traditional MFA is defeated. Only FIDO2/passkeys break the attack chain. State employee M365 accounts are high-probability next targets. 
</p> </td> </tr> <tr> <td> <p> <strong> Espionage actor compromised a third-party cloud provider </strong> to deploy Cobalt Strike BEACON and CEELOADER into government networks </p> </td> <td> <p> Your vendor&rsquo;s security posture is now your security posture. Cloud provider trust relationships are being weaponized. </p> </td> </tr> <tr> <td> <p> <strong> 90+ government AI/LLM instances </strong> found exposed on the internet without authentication (Flowise, n8n, Ollama) </p> </td> <td> <p> Agencies deploying AI tools without security review are creating unauthenticated code execution and credential-leak endpoints visible to any scanner. </p> </td> </tr> <tr> <td> <p> <strong> TA505 </strong> (Clop ransomware operator) actively targeting government with fresh infrastructure </p> </td> <td> <p> A financially motivated group with proven ransomware delivery capability is actively scanning government networks. </p> </td> </tr> <tr> <td> <p> <strong> Russia-nexus espionage campaign </strong> using Discord as a C2 channel actively targeting government, energy, and utility sectors </p> </td> <td> <p> Legitimate collaboration platforms are being weaponized to evade network-based detection; OT-adjacent networks are at elevated risk. </p> </td> </tr> <tr> <td> <p> <strong> Two critical CVEs actively exploited: </strong> CVE-2026-41940 (cPanel/WHM auth bypass, 44,000 IPs compromised) and CVE-2026-31431 (&ldquo;Copy Fail&rdquo; Linux kernel, CISA KEV deadline May 15) </p> </td> <td> <p> Unpatched internet-facing and Linux infrastructure is being actively exploited; patch windows are measured in hours, not weeks. </p> </td> </tr> <tr> <td> <p> <strong> 6 new ABB ICS advisories </strong> covering authentication bypass, remote reboot, and message injection vulnerabilities </p> </td> <td> <p> Water/wastewater SCADA systems running ABB products require immediate patching attention. </p> </td> </tr> <tr> <td> <p> <strong> Iran-U.S. kinetic escalation </strong> (May 4 missile strike on U.S. 
destroyer) maintains 48&ndash;72 hour cyber retaliation window </p> </td> <td> <p> Iranian APT groups (APT34/OilRig &mdash; MOIS-affiliated &mdash; and UNC5625) have documented capability against U.S. government networks and a historical pattern of retaliatory cyber operations. </p> </td> </tr> </tbody> </table> <h2> <strong> Threat Timeline </strong> </h2> <table> <thead> <tr> <th> <p> Date </p> </th> <th> <p> Event </p> </th> <th> <p> Threat Category </p> </th> </tr> </thead> <tbody> <tr> <td> <p> Apr 14&ndash;16, 2026 </p> </td> <td> <p> AiTM phishing campaign hits 35,000 users / 13,000 orgs; 92% U.S. targets </p> </td> <td> <p> Identity / Credential Theft </p> </td> </tr> <tr> <td> <p> Apr 29, 2026 </p> </td> <td> <p> CISA releases &ldquo;Adapting Zero Trust Principles to OT&rdquo; guidance </p> </td> <td> <p> ICS/OT Defense </p> </td> </tr> <tr> <td> <p> Apr 30, 2026 </p> </td> <td> <p> CVE-2026-41940 (cPanel/WHM auth bypass) weaponized within 24 hours; 44,000 IPs compromised </p> </td> <td> <p> Critical Vulnerability </p> </td> </tr> <tr> <td> <p> May 1, 2026 </p> </td> <td> <p> CISA adds CVE-2026-31431 (&ldquo;Copy Fail&rdquo; Linux kernel flaw) to KEV catalog &mdash; May 15 patch deadline </p> </td> <td> <p> Critical Vulnerability </p> </td> </tr> <tr> <td> <p> May 1, 2026 </p> </td> <td> <p> CISA releases joint guidance on agentic AI security with ASD ACSC </p> </td> <td> <p> AI/Emerging Tech </p> </td> </tr> <tr> <td> <p> May 3&ndash;5, 2026 </p> </td> <td> <p> TA505 government-targeting infrastructure identified (France + China hosting) </p> </td> <td> <p> Ransomware / APT </p> </td> </tr> <tr> <td> <p> May 4, 2026 </p> </td> <td> <p> Iranian missile strike on U.S. 
destroyer &mdash; opens cyber retaliation window </p> </td> <td> <p> Geopolitical / Nation-State </p> </td> </tr> <tr> <td> <p> May 4, 2026 </p> </td> <td> <p> Russia-nexus espionage campaign using Discord backdoors targets government, energy, utilities </p> </td> <td> <p> Nation-State Espionage </p> </td> </tr> <tr> <td> <p> May 4, 2026 </p> </td> <td> <p> Cloud provider compromise &rarr; Cobalt Strike BEACON + CEELOADER deployed against government </p> </td> <td> <p> Supply Chain / Espionage </p> </td> </tr> <tr> <td> <p> May 5, 2026 </p> </td> <td> <p> Research confirms 90+ exposed government AI instances without authentication </p> </td> <td> <p> Misconfiguration / AI </p> </td> </tr> </tbody> </table> <h2> <strong> Key Threat Analysis </strong> </h2> <h3> <strong> 1. AiTM Phishing: MFA Is No Longer Enough </strong> </h3> <p> <strong> What happened: </strong> A sophisticated phishing operation deployed adversary-in-the-middle proxies that intercept authentication sessions in real time. Victims received PDF lures disguised as HR &ldquo;Disciplinary Action&rdquo; documents. Cloudflare CAPTCHAs were weaponized to block automated sandbox analysis. Once credentials and session cookies were captured, attackers registered their own MFA methods on compromised accounts for persistent access. </p> <p> <strong> Why it matters: </strong> This attack defeats TOTP, push notifications, and SMS-based MFA because none of those factors is bound to the site the user is actually talking to. The proxy relays the real login page, the user completes MFA against the legitimate identity provider through the proxy, and the proxy captures the session cookie issued once MFA succeeds. The factor is consumed legitimately; it simply authenticates the attacker&rsquo;s session instead of the user&rsquo;s. The only control that breaks this chain is <strong> phishing-resistant MFA </strong> : FIDO2 security keys or platform passkeys. The browser writes the origin it is really connected to into the data the authenticator signs, so a credential registered for the legitimate login domain cannot produce a valid assertion for the proxy&rsquo;s lookalike domain, and the identity provider rejects the relayed login. 
</p> <p> <strong> ATT&amp;CK Techniques: </strong> T1566.001 (Spearphishing Attachment), T1557 (Adversary-in-the-Middle), T1539 (Steal Web Session Cookie), T1556.006 (Modify Authentication Process) </p> <p> <strong> Scale indicator: </strong> 13,000 organizations in 72 hours means this is automated infrastructure, not a targeted operation. State agencies using Microsoft 365 are squarely in the target set. </p> <h3> <strong> 2. Cloud Provider Compromise: Your Vendor&rsquo;s Breach Is Your Breach </strong> </h3> <p> <strong> What happened: </strong> An espionage-motivated threat actor compromised a third-party cloud service provider and used that trusted access to deploy <strong> Cobalt Strike BEACON </strong> and <strong> CEELOADER </strong> malware into government and telecommunications networks. CEELOADER has been historically associated with <strong> APT29 (Cozy Bear) </strong> &mdash; Russia&rsquo;s SVR-affiliated cyber espionage group. </p> <p> <strong> Why it matters: </strong> State agencies increasingly rely on cloud providers and managed service providers (MSPs) for infrastructure. These trusted relationships create implicit access paths that bypass perimeter security entirely. When a cloud provider is compromised, the attacker inherits their administrative access to your environment. </p> <p> <strong> ATT&amp;CK Techniques: </strong> T1199 (Trusted Relationship), T1195.002 (Supply Chain Compromise), T1078.004 (Cloud Accounts) </p> <p> <strong> Malware families: </strong> Cobalt Strike BEACON (commercial C2 framework), CEELOADER (custom loader associated with APT29) </p> <h3> <strong> 3. TA505 Pivots to Government Targeting </strong> </h3> <p> <strong> What happened: </strong> Two high-confidence command-and-control IPs attributed to <strong> TA505 </strong> (also tracked as Hive0065, Graceful Spider) were identified actively targeting government and telecommunications sectors. 
TA505 is the group behind <strong> Clop ransomware </strong> and has historically operated as a financially motivated crimeware group delivering banking trojans and ransomware at scale. </p> <p> <strong> Why it matters: </strong> TA505&rsquo;s pivot to government targeting suggests either: (a) state agencies are being scoped for ransomware deployment, or (b) the group is expanding into data theft extortion against public sector targets. Their historical pattern is reconnaissance &rarr; initial access &rarr; Clop deployment within 14 days. </p> <p> <strong> ATT&amp;CK Techniques: </strong> T1071 (Application Layer Protocol), T1571 (Non-Standard Port), T1566 (Phishing) </p> <h3> <strong> 4. Exposed AI Infrastructure: The Attack Surface You Don&rsquo;t Know You Have </strong> </h3> <p> <strong> What happened: </strong> Security researchers scanning the internet identified over 90 government-sector AI/LLM instances (Flowise, n8n, Ollama) deployed without any authentication. These exposed instances leak API keys, workflow credentials, and in many cases allow arbitrary code execution through the AI agent interface. </p> <p> <strong> Why it matters: </strong> Agencies are deploying AI tools faster than security teams can discover them. An unauthenticated n8n or Flowise instance is effectively an open shell on your network: n8n Code nodes and Flowise custom tools execute on the host, under the service account and with every credential the workflow stores. An unauthenticated Ollama instance lets anyone on the internet run, pull, and delete models and consume GPU capacity, and older Ollama releases have had remote code execution flaws of their own, so treat it as a foothold rather than a curiosity. An exposed Flowise or n8n workflow may also contain hardcoded credentials to production databases, APIs, or cloud accounts. </p> <p> <strong> ATT&amp;CK Techniques: </strong> T1190 (Exploit Public-Facing Application), T1552.001 (Credentials in Files), T1059 (Command and Scripting Interpreter) </p> <h3> <strong> 5. Nation-State Actors: Iran Retaliation Window + Russia Espionage Active </strong> </h3> <p> The May 4 Iranian missile strike on a U.S. naval vessel opens a well-documented cyber retaliation window. Historical precedent (2019 tanker crisis, 2020 Soleimani strike) shows Iranian cyber operations typically follow kinetic escalation within 48&ndash;72 hours. 
<strong> APT34 (OilRig/Helix Kitten) </strong> &mdash; affiliated with Iran&rsquo;s <strong> MOIS (Ministry of Intelligence and Security) </strong> &mdash; and <strong> UNC5625 </strong> have documented capability against U.S. government networks. </p> <p> Separately, Russia-nexus espionage campaigns are actively using <strong> Discord </strong> as a command-and-control channel to deliver backdoors against government, energy, and utility targets. This represents an evolution in delivery tradecraft &mdash; using legitimate collaboration platforms to evade network-based detection. </p> <p> <strong> Notable absence: </strong> Volt Typhoon and Salt Typhoon (China-nexus actors with pre-positioning capability in U.S. critical infrastructure) have shown zero new indicators for 3+ cycles. This silence is anomalous and may indicate an operational pause or infrastructure rotation rather than cessation of activity. </p> <h3> <strong> 6. ICS/OT: Six New ABB Advisories </strong> </h3> <p> CISA published six new advisories covering ABB industrial control system products: <strong> AWIN Gateways, OPTIMAX, PCM600, Edgenius, Symphony Plus Engineering, and System 800xA/IEC 61850 </strong> . Vulnerabilities include authentication bypass, remote reboot, and message injection &mdash; all directly relevant to water/wastewater SCADA environments operated by state and municipal utilities. </p> <h2> <strong> Predictive Analysis </strong> </h2> <table> <thead> <tr> <th> <p> Scenario </p> </th> <th> <p> Probability </p> </th> <th> <p> Timeframe </p> </th> <th> <p> Basis </p> </th> </tr> </thead> <tbody> <tr> <td> <p> AiTM phishing variants target state employee M365 accounts </p> </td> <td> <p> <strong> HIGH (70%) </strong> </p> </td> <td> <p> 7 days </p> </td> <td> <p> Campaign already hit 13,000 orgs; automated infrastructure; 92% U.S. 
targeting </p> </td> </tr> <tr> <td> <p> TA505 infrastructure pivots to Clop ransomware delivery against government </p> </td> <td> <p> <strong> MODERATE (50%) </strong> </p> </td> <td> <p> 14 days </p> </td> <td> <p> Historical TA505 pattern: recon &rarr; access &rarr; ransomware within 2 weeks </p> </td> </tr> <tr> <td> <p> Iranian APT retaliatory cyber operation against U.S. government networks </p> </td> <td> <p> <strong> MODERATE (50%) </strong> </p> </td> <td> <p> 48&ndash;72 hours </p> </td> <td> <p> Historical precedent from 2019/2020; APT34 (MOIS) and UNC5625 capability confirmed </p> </td> </tr> <tr> <td> <p> China-nexus actors resume SharePoint/SAP exploitation (CVE-2025-53770, CVE-2025-31324) </p> </td> <td> <p> <strong> LOW-MODERATE (35%) </strong> </p> </td> <td> <p> 14 days </p> </td> <td> <p> Prior active exploitation; silence may indicate target rotation </p> </td> </tr> <tr> <td> <p> Exploitation of exposed AI/LLM instances for initial access to government networks </p> </td> <td> <p> <strong> MODERATE (45%) </strong> </p> </td> <td> <p> 30 days </p> </td> <td> <p> 90+ instances confirmed exposed; trivial to exploit; no authentication required </p> </td> </tr> </tbody> </table> <h2> <strong> SOC Operational Guidance </strong> </h2> <h3> <strong> Detection Priorities </strong> </h3> <table> <thead> <tr> <th> <p> Priority </p> </th> <th> <p> What to Monitor </p> </th> <th> <p> ATT&amp;CK ID </p> </th> <th> <p> Detection Logic </p> </th> </tr> </thead> <tbody> <tr> <td> <p> <strong> CRITICAL </strong> </p> </td> <td> <p> New MFA method registrations not initiated by the account owner </p> </td> <td> <p> T1556.006 </p> </td> <td> <p> Entra ID audit log: &ldquo;User registered security info&rdquo; where the registration IP is outside the user&rsquo;s 30-day sign-in baseline, or where the registration follows within about an hour a sign-in from an IP or ASN that is new for that user or that belongs to known AiTM proxy infrastructure </p> </td> </tr> <tr> <td> <p> <strong> CRITICAL </strong> </p> </td> <td> <p> Session token replay from anomalous locations 
</p> </td> <td> <p> T1539 </p> </td> <td> <p> Impossible travel alerts; session tokens used from IPs/geolocations inconsistent with the authenticating user </p> </td> </tr> <tr> <td> <p> <strong> HIGH </strong> </p> </td> <td> <p> Outbound connections to Discord API (discord.com/api, gateway.discord.gg) from servers/workstations </p> </td> <td> <p> T1102.002 </p> </td> <td> <p> Network logs showing non-browser processes communicating with Discord endpoints &mdash; especially PowerShell, cmd.exe, or unsigned binaries </p> </td> </tr> <tr> <td> <p> <strong> HIGH </strong> </p> </td> <td> <p> Cobalt Strike BEACON C2 patterns </p> </td> <td> <p> T1071.001 </p> </td> <td> <p> HTTP/HTTPS beaconing with regular intervals (jitter analysis); named pipe creation matching default Cobalt Strike patterns; malleable C2 profile detection </p> </td> </tr> <tr> <td> <p> <strong> MEDIUM </strong> </p> </td> <td> <p> Unauthenticated AI service ports exposed externally </p> </td> <td> <p> T1190 </p> </td> <td> <p> External scan for ports 11434 (Ollama), 3000 (Flowise), 5678 (n8n); internal asset inventory reconciliation </p> </td> </tr> <tr> <td> <p> <strong> MEDIUM </strong> </p> </td> <td> <p> PDF attachments with HR disciplinary lure patterns </p> </td> <td> <p> T1566.001 </p> </td> <td> <p> Email gateway rule: quarantine PDFs with filenames containing &ldquo;Disciplinary Action,&rdquo; &ldquo;Employee Device Handling,&rdquo; or &ldquo;Code of Conduct Case&rdquo; </p> </td> </tr> </tbody> </table> <h3> <strong> Hunting Hypotheses </strong> </h3> <ol> <li> <strong> Hypothesis: </strong> AiTM-compromised accounts exist in our environment from the April 14&ndash;16 campaign window. <ul> <li> <strong> Hunt: </strong> Query Entra ID for all MFA method registrations between April 14&ndash;20 where the registering IP differs from the user&rsquo;s prior 30-day sign-in pattern. Cross-reference with Conditional Access policy bypass events. </li> </ul> </li> <li> <strong> Hypothesis: </strong> A third-party cloud provider with administrative access to state systems has been compromised. <ul> <li> <strong> Hunt: </strong> Audit all service principal sign-ins and OAuth app consent grants in the past 30 days. Flag any new application permissions granted to cloud provider tenants. Review cloud provider admin session durations and source IPs. </li> </ul> </li> <li> <strong> Hypothesis: </strong> AI/LLM tools have been deployed on state networks without security team awareness. <ul> <li> <strong> Hunt: </strong> Run internal network scan for services on ports 11434, 3000, 5678, 8080 (common AI tool defaults). Query DNS logs for resolution of ollama.ai, flowise.ai, n8n.io from internal hosts. Check cloud resource inventories for GPU-enabled instances. </li> </ul> </li> </ol> <h2> <strong> Sector-Specific Defensive Priorities </strong> </h2> <h3> <strong> Financial Services (State Treasury, Tax Processing, Benefits Systems) </strong> </h3> <ul> <li> <strong> Primary threat: </strong> TA505/Clop ransomware targeting financial data for double extortion </li> <li> <strong> Action: </strong> Ensure offline backups of tax processing databases are current and tested. Implement application allowlisting on systems processing financial transactions. Monitor for Clop precursor tools (FlawedAmmyy, SDBbot, TrueBot). </li> <li> <strong> AiTM risk: </strong> Finance staff with access to payment systems are high-value AiTM targets &mdash; prioritize FIDO2 enrollment for treasury and accounts payable personnel. </li> </ul> <h3> <strong> Energy (State-Operated Utilities, Power Grid Coordination) </strong> </h3> <ul> <li> <strong> Primary threat: </strong> Russia-nexus espionage (Discord C2 vector) + Iranian retaliatory operations targeting energy sector </li> <li> <strong> Action: </strong> Patch all ABB ICS products per CISA advisories (AWIN Gateways, OPTIMAX, PCM600, Edgenius, Symphony Plus, 800xA). 
Segment OT networks from IT. Block Discord at the OT/IT boundary. Increase monitoring of SCADA historian servers for anomalous queries. </li> <li> <strong> Iran window: </strong> Elevate monitoring of energy sector OT networks for the next 72 hours given Iranian retaliation probability. </li> </ul> <h3> <strong> Healthcare (Public Health Systems, Medicaid, State Hospitals) </strong> </h3> <ul> <li> <strong> Primary threat: </strong> Ransomware (TA505/Clop, Rhysida) targeting healthcare data for extortion; AiTM credential theft of clinical staff accounts </li> <li> <strong> Action: </strong> Verify that electronic health record (EHR) systems have immutable backups. Enforce phishing-resistant MFA for all clinical and administrative staff with access to patient data. Audit third-party health IT vendor access for session monitoring and MFA enforcement. </li> <li> <strong> AI exposure: </strong> Health agencies experimenting with AI for data analysis may have deployed unauthenticated instances &mdash; include in the AI infrastructure audit. </li> </ul> <h3> <strong> Government (All State Agencies, Courts, Elections, Law Enforcement) </strong> </h3> <ul> <li> <strong> Primary threat: </strong> Nation-state espionage (APT29 via cloud provider compromise; APT34/MOIS and UNC5625 Iranian retaliation); AiTM credential theft at scale </li> <li> <strong> Action: </strong> Immediately audit all third-party cloud provider administrative access. Accelerate FIDO2 deployment for all Tier 0/1 administrators and elected officials&rsquo; accounts. Review Conditional Access policies to require compliant devices and block legacy authentication protocols. </li> <li> <strong> Elections: </strong> With election infrastructure as a known nation-state target, ensure election management systems are air-gapped and that any cloud-based voter registration systems enforce phishing-resistant MFA. 
</li> </ul> <h3> <strong> Aviation / Logistics (State DOT, Airports, Port Authorities) </strong> </h3> <ul> <li> <strong> Primary threat: </strong> Russia-nexus espionage targeting transportation; supply chain compromise through logistics software vendors </li> <li> <strong> Action: </strong> Audit all third-party logistics and transportation management software for cloud provider trust relationships. Monitor for Discord-based C2 from systems in transportation networks. Ensure GPS/timing systems are not dependent on single-source inputs vulnerable to spoofing. </li> <li> <strong> Supply chain: </strong> Transportation agencies often rely on numerous small vendors for fleet management, tolling, and scheduling &mdash; assess each for security baseline compliance. </li> </ul> <h2> <strong> Prioritized Defense Recommendations </strong> </h2> <h3> <strong> IMMEDIATE (Within 24 Hours) </strong> </h3> <table> <thead> <tr> <th> <p> Priority </p> </th> <th> <p> Owner </p> </th> <th> <p> Action </p> </th> </tr> </thead> <tbody> <tr> <td> <p> 1 </p> </td> <td> <p> SOC </p> </td> <td> <p> Deploy detection for unauthorized MFA method registrations in Entra ID. Alert on &ldquo;User registered security info&rdquo; events where the source IP is anomalous or where registration occurs within 1 hour of a sign-in from unfamiliar infrastructure. </p> </td> </tr> <tr> <td> <p> 2 </p> </td> <td> <p> IT Ops </p> </td> <td> <p> Emergency audit of all externally-accessible AI/LLM deployments. Any Flowise, n8n, Ollama, or similar instance without authentication must be taken offline or placed behind SSO immediately. 
</p> </td> </tr> <tr> <td> <p> 3 </p> </td> <td> <p> Email Security </p> </td> <td> <p> Quarantine inbound PDFs with filenames matching AiTM lure patterns: &ldquo;Disciplinary Action,&rdquo; &ldquo;Employee Device Handling Case,&rdquo; &ldquo;Code of Conduct.&rdquo; </p> </td> </tr> <tr> <td> <p> 4 </p> </td> <td> <p> SOC </p> </td> <td> <p> Elevate monitoring posture for Iranian APT indicators (APT34/OilRig TTPs &mdash; MOIS-affiliated) for the next 72 hours given kinetic escalation. </p> </td> </tr> </tbody> </table> <h3> <strong> 7-DAY </strong> </h3> <table> <thead> <tr> <th> <p> Priority </p> </th> <th> <p> Owner </p> </th> <th> <p> Action </p> </th> </tr> </thead> <tbody> <tr> <td> <p> 1 </p> </td> <td> <p> CISO </p> </td> <td> <p> Accelerate FIDO2/passkey deployment for all privileged accounts (domain admins, Azure Global Admins, finance approvers, HR directors). AiTM attacks make all non-phishing-resistant MFA ineffective. </p> </td> </tr> <tr> <td> <p> 2 </p> </td> <td> <p> IT Ops </p> </td> <td> <p> Patch all ABB ICS products across water/wastewater SCADA environments per CISA advisories ICSA-26-120-01 through -06. Prioritize authentication bypass vulnerabilities. </p> </td> </tr> <tr> <td> <p> 3 </p> </td> <td> <p> IT Ops </p> </td> <td> <p> Verify patch status for CVE-2026-31431 (&ldquo;Copy Fail&rdquo; Linux kernel) on all Linux servers &mdash; CISA KEV deadline is May 15. </p> </td> </tr> <tr> <td> <p> 4 </p> </td> <td> <p> IT Ops </p> </td> <td> <p> Verify patch status for CVE-2026-41940 (cPanel/WHM authentication bypass) on any MSP-managed hosting infrastructure. </p> </td> </tr> <tr> <td> <p> 5 </p> </td> <td> <p> Security Architecture </p> </td> <td> <p> Audit all third-party cloud provider service principals and OAuth application consents. Revoke any unnecessary permissions. Implement alerting on new consent grants. 
</p> </td> </tr> </tbody> </table> <h3> <strong> 30-DAY </strong> </h3> <table> <thead> <tr> <th> <p> Priority </p> </th> <th> <p> Owner </p> </th> <th> <p> Action </p> </th> </tr> </thead> <tbody> <tr> <td> <p> 1 </p> </td> <td> <p> CISO </p> </td> <td> <p> Commission a comprehensive inventory of all third-party cloud providers with administrative access to state systems. Assess each for: MFA enforcement on admin accounts, session duration limits, incident notification SLAs, and audit log availability. </p> </td> </tr> <tr> <td> <p> 2 </p> </td> <td> <p> CISO </p> </td> <td> <p> Issue interim directive requiring all AI/LLM deployments to register with the security team and pass a baseline configuration review before production use. </p> </td> </tr> <tr> <td> <p> 3 </p> </td> <td> <p> Security Architecture </p> </td> <td> <p> Develop Zero Trust implementation roadmap for OT/SCADA networks based on CISA&rsquo;s &ldquo;Adapting Zero Trust Principles to OT&rdquo; guidance (released April 29, 2026). </p> </td> </tr> <tr> <td> <p> 4 </p> </td> <td> <p> CISO </p> </td> <td> <p> Evaluate Conditional Access policies to enforce phishing-resistant MFA (FIDO2 only) for all cloud application access &mdash; not just privileged accounts. Develop rollout timeline for general population. </p> </td> </tr> <tr> <td> <p> 5 </p> </td> <td> <p> IR Team </p> </td> <td> <p> Conduct tabletop exercise simulating a cloud provider compromise scenario &mdash; test detection, containment, and communication procedures when a trusted third party is the attack vector. </p> </td> </tr> </tbody> </table> <h3> <strong> Executive / IR Preparedness </strong> </h3> <ul> <li> <strong> Brief the Governor&rsquo;s office </strong> on the Iranian cyber retaliation window and potential for disruptive attacks against state infrastructure within 72 hours. 
</li> <li> <strong> Pre-position IR retainers </strong> &mdash; ensure incident response vendor contracts are current and that the vendor can mobilize within 4 hours if a ransomware event occurs. </li> <li> <strong> Review cyber insurance policy </strong> &mdash; confirm coverage for supply chain compromise scenarios (cloud provider breach leading to state data exposure). </li> <li> <strong> Prepare public communications templates </strong> for a ransomware or data breach scenario &mdash; having pre-approved language reduces response time from days to hours. </li> </ul> <h2> <strong> Bottom Line </strong> </h2> <p> The intelligence is clear: <strong> identity is the new perimeter, and your current MFA is not holding it. </strong> </p> <p> Thirty-five thousand accounts compromised in three days is not a future scenario &mdash; it already happened. The question for every state CISO today is whether their privileged accounts will be in the next wave. The answer depends on whether FIDO2 deployment is treated as a strategic initiative or an emergency. </p> <p> Simultaneously, the trust you place in cloud providers and the AI tools your agencies are deploying without oversight represent blind spots that adversaries are actively exploiting. You cannot defend what you cannot see. </p> <p> Three actions that will materially reduce your risk this week: </p> <ol> <li> <strong> Deploy FIDO2 for every privileged account. </strong> Not next quarter. This week. </li> <li> <strong> Find and lock down every unauthenticated AI instance </strong> on your network. </li> <li> <strong> Audit every cloud provider </strong> with administrative access to your systems. </li> </ol> <p> The threat actors aren&rsquo;t waiting. Neither should you. </p>
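<p> Section 1 above states that FIDO2 keys and passkeys survive an AiTM proxy because the authenticator signs over the origin the browser actually connected to. The following block is an added example written for this page, not code from the Anomali report or from any identity provider; it models the relying-party side of a WebAuthn authentication ceremony and shows the relayed assertion being rejected. The relying-party ID <code>login.example.gov</code>, the lookalike proxy origin, and the fixed challenge are all hypothetical, and the ECDSA signature check is left out so the block runs with the standard library only. </p>

```python
# Added example (not from the Anomali report): the relying-party checks that make a
# FIDO2/passkey assertion useless to an AiTM proxy. RP_ID, the origins and the
# challenge are hypothetical; ECDSA signature verification is omitted (see note).
import base64
import hashlib
import json

RP_ID = "login.example.gov"                       # assumed relying-party ID
ALLOWED_ORIGINS = {"https://login.example.gov"}   # origins the RP accepts


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def browser_client_data(origin: str, challenge: bytes) -> str:
    """The clientDataJSON the *browser* builds before the authenticator signs.
    The browser fills in the origin it is really connected to; page script
    cannot override it, so a proxy page yields the proxy's lookalike origin."""
    return b64url(json.dumps({
        "type": "webauthn.get",
        "challenge": b64url(challenge),
        "origin": origin,
    }).encode())


def authenticator_data(rp_id: str) -> bytes:
    """Minimal authenticatorData: rpIdHash (32 bytes) + flags UP|UV + signCount."""
    return hashlib.sha256(rp_id.encode()).digest() + b"\x05" + (0).to_bytes(4, "big")


def verify_assertion(client_data_b64: str, auth_data: bytes,
                     expected_challenge: bytes) -> tuple[bool, str]:
    """RP-side checks from the WebAuthn ceremony that defeat AiTM relay.
    A real RP additionally verifies the ECDSA signature over
    auth_data || sha256(clientDataJSON); that is what stops the proxy from
    simply rewriting the origin field after the browser has signed."""
    client = json.loads(b64url_decode(client_data_b64))
    if client.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if b64url_decode(client.get("challenge", "")) != expected_challenge:
        return False, "challenge mismatch (stale or replayed ceremony)"
    origin = client.get("origin")
    if origin not in ALLOWED_ORIGINS:
        return False, f"origin {origin!r} is not the relying party"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash does not match the relying party"
    return True, "ok"


def aitm_relay_outcome(proxy_origin: str) -> tuple[bool, str]:
    """Model the attack: the IdP issues a challenge, the proxy relays it to the
    victim, the victim's browser signs with the proxy's origin, and the proxy
    forwards the assertion. Returns the IdP's verdict on that assertion."""
    challenge = hashlib.sha256(b"constructed-challenge").digest()   # random in practice
    relayed = browser_client_data(proxy_origin, challenge)           # origin = proxy, not RP
    return verify_assertion(relayed, authenticator_data(RP_ID), challenge)


if __name__ == "__main__":
    chal = hashlib.sha256(b"constructed-challenge").digest()
    print("legitimate:", verify_assertion(
        browser_client_data("https://login.example.gov", chal), authenticator_data(RP_ID), chal))
    print("AiTM relay:", aitm_relay_outcome("https://login-example-gov.attacker.test"))
```

Contrast this with a TOTP code or a push approval: the proxy forwards either one to the real identity provider unchanged, and nothing in the factor tells the provider which site the user was looking at. The origin check above is the property the report calls "binding authentication to the legitimate domain".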
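<p> The CRITICAL detection in the Detection Priorities table, hunting hypothesis 1, and immediate action 1 all describe the same correlation: a &ldquo;User registered security info&rdquo; audit event whose source IP is outside the user&rsquo;s recent sign-in baseline, or which lands within an hour of a sign-in from an unfamiliar IP. The block below is an added example for this page, not Anomali&rsquo;s or Microsoft&rsquo;s code, and runs that logic over constructed records whose fields mirror the Entra ID SignInLogs and AuditLogs columns a SIEM query would use. The user principal names, IP addresses and timestamps are invented. </p>

```python
# Added example (not from the Anomali report): correlate Entra ID "User registered
# security info" audit events with the user's sign-in baseline. Records are
# constructed; field names are simplified from SignInLogs/AuditLogs.
from datetime import datetime, timedelta

REG_OP = "User registered security info"   # AuditLogs OperationName for MFA method enrollment
BASELINE_DAYS = 30                          # how far back "known" IPs are taken from
LINK_WINDOW = timedelta(hours=1)            # sign-in -> registration window from the report


def _t(stamp: str) -> datetime:
    return datetime.fromisoformat(stamp)


# Constructed sample data. jdoe signs in from one office IP for weeks, then a
# sign-in and an MFA registration arrive from a new IP within 12 minutes.
# asmith registers a method from the same IP seen days earlier (benign).
SIGNINS = [
    {"upn": "jdoe@state.example", "ip": "203.0.113.10", "time": "2026-04-01T08:05:00", "result": "0"},
    {"upn": "jdoe@state.example", "ip": "203.0.113.10", "time": "2026-04-10T09:12:00", "result": "0"},
    {"upn": "jdoe@state.example", "ip": "198.51.100.77", "time": "2026-04-15T13:40:00", "result": "0"},
    {"upn": "asmith@state.example", "ip": "203.0.113.22", "time": "2026-04-14T07:30:00", "result": "0"},
    {"upn": "asmith@state.example", "ip": "203.0.113.22", "time": "2026-04-16T10:02:00", "result": "0"},
]
AUDITS = [
    {"op": REG_OP, "upn": "jdoe@state.example", "ip": "198.51.100.77", "time": "2026-04-15T13:52:00"},
    {"op": REG_OP, "upn": "asmith@state.example", "ip": "203.0.113.22", "time": "2026-04-16T10:20:00"},
]


def baseline_ips(signins, upn: str, at: datetime) -> set:
    """Successful sign-in IPs for the user in the BASELINE_DAYS before `at`,
    excluding the LINK_WINDOW immediately before it so the attacker's own
    sign-in cannot vouch for the attacker's registration."""
    start = at - timedelta(days=BASELINE_DAYS)
    return {s["ip"] for s in signins
            if s["upn"] == upn and s["result"] == "0"
            and start <= _t(s["time"]) < at - LINK_WINDOW}


def suspicious_registrations(signins, audits) -> list:
    """Return MFA registrations that fail either check in the report's logic.
    A user with no baseline at all (new hire, first sign-in) will always be
    flagged; that is intended, since onboarding is exactly where an attacker-
    added method hides."""
    hits = []
    for a in audits:
        if a["op"] != REG_OP:
            continue
        at = _t(a["time"])
        known = baseline_ips(signins, a["upn"], at)
        reasons = []
        if a["ip"] not in known:
            reasons.append(f"registration IP {a['ip']} not in {BASELINE_DAYS}-day baseline")
        recent = [s for s in signins
                  if s["upn"] == a["upn"] and s["result"] == "0"
                  and at - LINK_WINDOW <= _t(s["time"]) <= at]
        for s in recent:
            if s["ip"] not in known:
                reasons.append(f"preceded by sign-in from unfamiliar IP {s['ip']} at {s['time']}")
        if reasons:
            hits.append({"upn": a["upn"], "ip": a["ip"], "time": a["time"], "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in suspicious_registrations(SIGNINS, AUDITS):
        print(hit["upn"], hit["time"], hit["ip"])
        for r in hit["reasons"]:
            print("   -", r)
```

When a hit fires, the response the report implies is the full set: revoke the user&rsquo;s refresh tokens and sessions, remove the attacker-added method, reset the password, and review mailbox rules and OAuth consents created in the same window. Removing only the new method leaves the stolen session cookie valid.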
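<p> Two of the HIGH rows in the Detection Priorities table are network-log detections: non-browser processes talking to Discord endpoints (T1102.002), and periodic HTTP/HTTPS beaconing with low jitter (T1071.001). The block below is an added example for this page, not code from Anomali or from any EDR vendor, that runs both over constructed proxy/EDR-style connection records. The hostnames, process names and timings are invented; the browser allowlist is an assumption to tune per environment, and the Discord hostnames are the two named in the table. </p>

```python
# Added example (not from the Anomali report): two network detections from the
# table run over constructed connection records. Hosts, processes and timings
# are invented; BROWSERS is an assumed allowlist.
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev

DISCORD_HOSTS = {"discord.com", "gateway.discord.gg"}                   # from the table
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "discord.exe"}   # assumed allowlist
BASE = datetime(2026, 5, 4, 2, 0, 0)                                     # constructed start time


def _rec(host, process, dst, secs):
    return {"time": BASE + timedelta(seconds=secs), "host": host,
            "process": process, "dst": dst, "port": 443}


# Constructed sample: powershell.exe polling discord.com roughly every minute
# (beacon-like), a user's browser hitting discord.com at irregular times, and
# a single cmd.exe connection to the gateway host.
EVENTS = (
    [_rec("WS-042", "powershell.exe", "discord.com", s) for s in (0, 58, 117, 172, 231, 290, 347)]
    + [_rec("WS-017", "chrome.exe", "discord.com", s) for s in (0, 12, 300, 315, 900, 905)]
    + [_rec("SRV-09", "cmd.exe", "gateway.discord.gg", 400)]
)


def nonbrowser_discord(events):
    """T1102.002: any non-browser process reaching the Discord endpoints."""
    return [e for e in events
            if e["dst"] in DISCORD_HOSTS and e["process"].lower() not in BROWSERS]


def beacon_candidates(events, min_events=6, max_cv=0.25):
    """T1071.001 jitter analysis. Per (host, process, destination) flow, compute
    inter-arrival gaps; Cobalt Strike's sleep/jitter keeps every gap inside
    [sleep*(1-jitter), sleep], so the coefficient of variation (stdev/mean)
    stays small, whereas human-driven traffic is bursty. Human-like CV values
    are typically well above max_cv; tune min_events to the sleep you expect."""
    flows = defaultdict(list)
    for e in events:
        flows[(e["host"], e["process"], e["dst"])].append(e["time"])
    hits = []
    for (host, process, dst), times in flows.items():
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append({"host": host, "process": process, "dst": dst,
                         "mean_interval_s": round(avg, 1), "cv": round(cv, 3),
                         "jitter_pct": round(100 * (1 - min(gaps) / max(gaps)), 1)})
    return hits


if __name__ == "__main__":
    for e in nonbrowser_discord(EVENTS):
        print("non-browser Discord:", e["host"], e["process"], "->", e["dst"], e["time"].isoformat())
    for h in beacon_candidates(EVENTS):
        print("beacon candidate:", h)
```

The beacon heuristic is deliberately destination-agnostic: the same flow grouping catches a BEACON implant checking in to an attacker-controlled domain as well as the Discord-backed backdoor, which is why the table lists jitter analysis separately from the endpoint match. Whitelist known periodic clients (update agents, monitoring probes) by process and destination before alerting on it.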
