Amid the ongoing pandemic, enterprises are facing a wave of brute-force attacks, with weak passwords identified as the cause. With a large number of people opting to work from home, cybercriminals have taken to such attacks using either a variety of botnets or Remote Desktop Protocol.
Brute-force attacks are typically aimed at computers and devices on networks to capture email addresses, passwords, passphrases, usernames, and PINs. Such attacks exploit passwords that are weak, otherwise vulnerable, or easy to guess.
Attackers then profit from their ill-gotten gains by distributing malware, spamming or phishing unsuspecting victims, or selling the stolen credentials on the dark web. In such attacks, obtaining the credentials to an account gives cybercriminals the means to compromise an entire network.
Present-day scenario –
- Recently, several instances of brute-force attacks have been discovered. The latest attack was used in a new ransomware campaign dubbed ‘PLEASE_READ_ME’.
- In this recent attack, which dates to between January and November, a brute-force attack was used to hijack MySQL servers and pilfer sensitive data before leaving behind a ransom note for victims.
- The attack method is also deemed to be popular among botnets. Towards the end of November this year, a new crypto-mining botnet called PGMiner leveraged brute-force methods to target PostgreSQL database servers and mine Monero cryptocurrency.
- Another botnet, a variant of Gitpaste-12, was also found to include a list of passwords for brute-force attempts as part of its attack campaign.
Corporate credentials from across industries keep ending up for sale on Dark Web forums despite industries employing moderate cybersecurity capabilities. The most important reason is weak passwords. Consequently, these stolen credentials can be used in a wide range of attacks, including complicated brute-force attacks, to gain access to networks.
Brute-force attacks are here to stay, as hacker toolkits are expanding and evolving at a rapid pace. Enterprises should gear up their defense mechanisms to protect their employee and admin passwords. One good security practice is changing privileged passwords frequently and using eScan’s two-factor authentication.