Method: TA 18-086A: Brute Force Attacks / Password Spraying

In March 2018, the Department of Justice indicted nine Iranian nationals for conducting brute force style attacks against organizations in the United States utilizing a technique referred to as “Password Spraying”.

Characteristically, brute force attacks attempt to authenticate credentials by guessing the password of a single user account, however accounts now will typically lock out after a handful of failed attempts. “Password Spraying” attempts to successfully authenticate using easy-to-guess passwords against multiple user accounts. This technique reduces the chance of triggering red flags for multiple failed attempts from a single user.

“Password Spray” attacks target single sign-on (SSO) and cloud-based applications that use federated authentication protocols in an attempt to hide malicious traffic. Federated authentication protocols are used in linking a person’s electronic identity across multiple identity management systems, which will also broaden the attacker’s scope to maximize access to intellectual property during a successful compromise.

Proficio Threat Intelligence Recommendations:

  • Implement strong password standards
  • Enable multi-factor authentication
  • Abstain from clicking non-validated email links

Alert TA 18-086A – Click Here

Recent Blog Posts

Stay Ahead of Evolving Threats

Sign up for our free newsletter and receive invaluable threat notifications from our Threat Intelligence team.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.

REQUEST A DEMO

Experience Tomorrow’s
Security Today

Request a Demo and Experience Proficio's
Innovative Solutions in Action.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.