Cyber-threats are a constantly evolving issue: they are becoming stronger, more resistant and somewhat indiscriminate in their targets. It seems we hear more and more tales of business infrastructure falling victim to cyber-attacks, with high-profile attacks consistently making it into mainstream news.
With the significant increase in malicious activity, developers and IT leaders are under more pressure than ever to ensure that data is both available and secure. Resiliency and security can come at a high cost, though this is generally not as high as the impact of losing the integrity of your data or access to it, not to mention the damage cyber-attacks can cause to the relationship between a business and its end users.
One of the most recent examples of these types of attacks targets passwords. Originally, brute-force password attacks were a popular option to gain access, but this is generally no longer as effective against standard security measures such as locking accounts after a minimal number of password attempts. To try to circumvent such measures, many opportunist hackers now use password spray attacks to disarm their targets' infrastructure.
Password spray attacks are not new, but their occurrence is growing rapidly.
Password spraying is quite the opposite of a brute-force attack. This method takes a large number of usernames and tries each of them with a single password. Multiple iterations using a number of different passwords can be used, but the number of passwords attempted is usually low in comparison to the number of users attempted, which avoids password lockouts. The method is often effective at uncovering weak passwords.
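Because a spray touches many accounts only a few times each, per-account lockout counters never trip, but the pattern is visible when failed logons are grouped by source instead of by account. The following detection sketch is an added example, not part of the original article; the event tuple format, the sample events and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 9, 0)

def build_sample():
    """Constructed events: (timestamp, source, username, success)."""
    events = []
    # Spray: one source, 12 usernames, one failed attempt each, 30 s apart.
    for i in range(12):
        events.append((T0 + timedelta(seconds=30 * i), "203.0.113.10", f"user{i:02d}", False))
    # Brute force: one source hammering a single account.
    for i in range(12):
        events.append((T0 + timedelta(seconds=5 * i), "203.0.113.20", "admin", False))
    # Ordinary noise: a user mistypes once, then logs in.
    events.append((T0, "198.51.100.5", "alice", False))
    events.append((T0 + timedelta(seconds=20), "198.51.100.5", "alice", True))
    return events

def detect_spray(events, window=timedelta(minutes=30), min_users=10, max_per_user=2):
    """Return {source: usernames} where failures inside `window` hit many
    accounts but only a few times each (thresholds are assumed defaults)."""
    failures = defaultdict(list)
    for ts, src, user, ok in events:
        if not ok:
            failures[src].append((ts, user))
    flagged = {}
    for src, rows in failures.items():
        rows.sort()
        start = 0
        counts = defaultdict(int)  # failed attempts per username in the window
        for ts, user in rows:
            counts[user] += 1
            # Slide the window: drop failures older than `window`.
            while ts - rows[start][0] > window:
                old = rows[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) >= min_users and max(counts.values()) <= max_per_user:
                flagged[src] = sorted(counts)
                break
    return flagged

if __name__ == "__main__":
    for src, users in detect_spray(build_sample()).items():
        print(f"possible password spray from {src}: {len(users)} accounts targeted")
```

The single-account brute-force source is deliberately not flagged here, since account lockout already covers that case; the rule only fires on the wide, shallow pattern that lockout misses.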
If a password spray attack is successful, US-CERT advises that these attacks can have a huge impact on a business including:
Both brute-force attacks and password spray attacks can be halted before full exploitation if there are related security policies in place. The first step is being alert to the warning signs of a spray attack. US-CERT says that warning signs of a password spray attack include:
Microsoft recommends basic groundwork steps to keep password spray attacks from being successful, including:
Microsoft are a leader when it comes to security and a driver behind many of the advancements being made to combat the growth of cyber-threats. Microsoft CISO Bret Arsenault believes the company is on its way to preventing spray attacks and to a secure future with fewer passwords.
“If you have a password filter, if you have MFA and if you have strong proofing, then you’re really in a great state,” Arsenault said.