Microsoft Warns Over Uptick In Password Spraying Attacks

Cyber attackers aren’t just looking for software flaws, supply chain weaknesses, and open RDP connections. The other key asset hackers are after is identities, especially account details that will give them access to other internal systems.

CISA earlier this year warned that the suspected Kremlin-backed hackers behind the SolarWinds attacks were not just trojanising software updates, but also password guessing and password spraying administrative accounts for initial access.

More recently, Microsoft observed an emerging Iranian hacking group using password spraying against Israeli and US critical infrastructure targets operating in the Persian Gulf. 

Microsoft estimates that more than a third of account compromises are password spraying attacks, even though such attacks have a 1% success rate for accounts, unless organisations use Microsoft’s ‘password protection’ to avoid bad passwords.

“Instead of trying many passwords against one user, they try to defeat lockout
