In 2017, both the UK and Scottish Parliaments fell victim to brute-force attacks. One year later, a similar but unsuccessful attack occurred in the Northern Irish Assembly. And this year, Hong Kong’s Cathay Pacific suffered a brute-force attack and was fined £500,000 [~$630,000] by the UK’s data regulator for lacking sufficient preventative measures. The ad-blocking service AdGuard also forced a password reset on all its users after suffering a brute-force attack.
According to Verizon’s 2020 Data Breach Investigations Report, hacking, which includes brute forcing passwords, remains the primary attack vector. Over 80% of breaches caused by hacking involve brute force or the use of lost or stolen credentials. For months now, we have heard about the increasing number of phishing emails attempting to take advantage of people’s fears amid the pandemic. Now, a growing number of brute-force attacks is threatening business networks around the globe.
What is a brute-force attack?
A brute-force attack (also known as brute-force cracking) is a method of trying every possible password until the right one is found. These attacks are done by ‘brute force’, meaning they use excessive forceful attempts to ‘force’ their way into private accounts. This attack method is old, but still effective and popular with hackers. Gaining access to a valid account can mean compromising the entire site, which bad actors can then use as part of their network of compromised websites. ‘’Unlike many other tactics used by bad actors, brute-force attacks don’t rely on vulnerabilities within websites. Instead, they rely on users having weak or guessable credentials. The simplicity and number of potential targets make brute-force attacks very popular,’’ says Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams. Brute-force attacks are often used to target devices on remote networks to obtain personal information, such as passwords, pass phrases, usernames, personal identification numbers (PINs), and emails. Hackers will then attempt to profit from the access by spamming, distributing malware, or phishing unsuspecting victims. “There is little finesse involved in a brute-force attack, so attackers can run several attacks in parallel to increase their chances of success,” adds Ms. Gurinaviciute.
Increasing attacks on Windows’ remote desktop protocol (RDP)
With the rise of remote work due to COVID-19, many brute-force attacks have been attempting to exploit the Windows remote desktop protocol (RDP), used by network administrators to remotely manage Windows systems. According to Kaspersky’s observation, whether it is China, Italy, the United States, Spain, Germany, France, or Russia, there has clearly been an increase in the number of RDP brute-force attacks since mid-March this year. For example, the number of attacks in the US amounted to around 200,000 before the pandemic and surpassed 800,000 in mid-March. In April, it reached 1.4 million. “It comes as no surprise that bad actors now direct brute-force attacks towards individuals. Users working from home don’t have the extra layers of protection provided by their offices or enterprise systems, making them much easier targets. Many users also choose weak passwords, which are relatively easy to compromise using simple brute-force techniques,” comments Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams.
How to protect your company against brute-force attacks
Catching and neutralising a brute-force attack in progress is the best option — once attackers have access to the network, they’re much harder to catch. Once you detect and stop the attack, you can even block or blacklist IP addresses and prevent further attacks from the same computer.
Common sense is also important in identifying brute-force attempts. If it appears that someone is repeatedly and unsuccessfully trying to log in to an account, it is likely an attempted brute-force attack. The signs can include: the same IP address unsuccessfully trying to log in multiple times; many different IP addresses unsuccessfully trying to log in to a single account; multiple unsuccessful login attempts from various IP addresses in a short time period.
‘’Some attacks can take weeks or even months to provide anything usable. Most of the defences against brute-force attacks involve increasing the time required for the attack to succeed. Avoiding brute-force attacks can simply be a matter of changing the company’s online habits, like using stronger passwords and not reusing them, or updating easy-to-guess URLs. Enforcing user locking after a few unsuccessful password attempts may also help to mitigate the attack at an early stage,’’ says the NordVPN Teams expert.
Organisations may also want to improve security by setting up two-factor or multiple-factor authentication, putting the website behind a web application firewall (WAF), installing a virtual private network (VPN) gateway to broker all RDP connections from outside their local network, and encrypting data on devices used for work. Above all, companies should take the time to train employees on the basics of digital security.
For more information visit: nordvpnteams.com
For more Technology news follow i-invest Online.
- GITEX GLOBAL 2025I-invest are proud to be a media partner of GITEX GLOBAL 2025, the world’s largest tech, AI & startup show taking place at Dubai World Trade Centre from 13–17 October this year. For over four decades, GITEX GLOBAL has been the premiere gateway for tech creators, investors and enthusiasts to collaborate. This year marking its… Read more: GITEX GLOBAL 2025
- Silver linings: How to change the midlife career narrativeMidlife job-seeking is often subject to ageism and disheartening rejections from automated application tracking systems – unless you change your narrative, says coach and author of a new book Sarah Bird In the first month of working as a volunteer coach on a local employability course it was glaringly obvious there was one quality that… Read more: Silver linings: How to change the midlife career narrative
- Leading IoT identity security platform launches latest AI-supported automationThe latest iteration of KeyScaler from Device Authority simplifies full lifecycle management of unmanaged devices in line with new NIST recommendations Global leaders in automated IoT security and identity management, Device Authority has recently announced the 2025 release of its award-winning KeyScaler and KeyScaler as a Service (KSaaS) platform which enables a more streamlined experience… Read more: Leading IoT identity security platform launches latest AI-supported automation
- Ark and Nebius collaborate to drive UK expansion of AI infrastructureHigh-density facility supports Nebius’s deployment of thousands of NVIDIA Blackwell Ultra GPUs and forms part of Ark’s £7.5 billion UK expansion roadmap Ark Data Centres, the UK’s leading data centre developer and operator, has announced a long-term agreement with Nebius (NASDAQ: NBIS), a leading AI infrastructure company, that will see one of the UK’s first… Read more: Ark and Nebius collaborate to drive UK expansion of AI infrastructure
- Unlock your ESG strategy with modern data architectureAgainst a backdrop of new legal requirements, such as the EU Taxonomy, modern data architecture holds the key to a sustainable supply chain transformation, says Tim Srock, CEO of Lobster In recent years, companies have been facing growing pressure to implement sustainable business practices transparently and efficiently. This is now expected of data management. The… Read more: Unlock your ESG strategy with modern data architecture