This blog is part of our Consultant Corner series, a collection of 5-minute reads on trends our Cybersecurity Consultants are seeing and tips for IT teams to stay protected.
During this time of lockdown and remote working, many are brushing up on their extra reading and learning. We have asked our expert cybersecurity consultants to write up 5-minute reads on trends they’re seeing and tips for IT teams to stay protected. These topics aren’t COVID-19 specific and vary from VPN to brute-force attacks to barcodes.
You can stay alerted to new blogs from ‘Consultant Corner’ as soon as they are made available just register in our pop-up form below. After all, a cybersecurity blog a day keeps the malicious attackers at bay.
This blog is focused on brute force attacks and is written by, Tom Hulme, Cybersecurity Consultant at SureCloud.
A brute force attack is one of the most simple forms of hacking that exists. Unlike many other tactics used by hackers, brute force attacks don’t rely on vulnerabilities within websites. Instead, these attacks rely on users having weak or guessable credentials.
Usually, the motive behind this attack is to use the breached account to execute a large-scale attack, steal sensitive data, or shut down the system. There are widely available automated tools that can submit several hundred password attempts per second, which makes this task easy for an attacker with very little imagination or knowledge.
Passwords are not the only resource that can be brute-forced. Website directories and links, usernames, and emails are also common targets for attackers.
Here are conditions that could indicate a brute force attack or other account abuse:
SureCloud is a provider of cloud-based, Integrated Risk Management products and Cybersecurity services, which reinvent the way you manage risk.
SureCloud also offers a wide range of Cybersecurity testing and assurance services, where we stay with you throughout the entire test life-cycle from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) & CREST and delivered using the innovative Pentest-as-a-Service (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture.