By Dana Liedholm on Apr 26, 2018 1:39:39 PM
Last month, the United States Department of Justice indicted nine Iranian hackers for a wave of brute force attacks. These attacks resulted in the digital theft of more than 31 terabytes of information, worth $3 billion in intellectual property.
The hackers, using a type of brute force attack called password spraying, were able to infiltrate 144 U.S.-based universities and 47 other entities, including public and private sector organizations. In addition to the U.S. crimes, the hackers also targeted another 176 universities in 21 other countries.
Large-scale data breaches like these are concerning for any organization, especially ones dealing with sensitive data. Explore this article to learn more about password spraying and the steps MSPs can take to prevent a hack like this from happening to one of their customers’ companies.
What is Password Spraying?
In response to the major data breach and indictment of the hackers responsible, the Department of Homeland Security and the Federal Bureau of Investigation released information about the types of methods that were used.
Their online weapon of choice was password spraying. This is a form of brute force attack that is difficult to detect, and it’s an efficient way for hackers to gain access to a large number of passwords at once. Accounts like email logins or cloud-based solutions are highly vulnerable to password spraying.
With regular brute force attacks, hackers use a trial-and-error system to guess passwords, running through countless consecutive guesses until they land on the right password. The problem with this method is that some accounts have automatic lockout once too many incorrect password attempts have been made.
Unlike a traditional brute force attack, where only one password at a time is guessed for one account, password spraying guesses a single password against multiple accounts simultaneously, which minimizes the number of failed-attempt lockouts hackers face. Once a password is stolen, hackers gain access to accounts and can sell the credentials on the Dark Web.
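The lockout behaviour described above, seen from the defender's side, as an added example that is not part of the original article: a per-account failure counter catches the classic brute force but misses the spray, while grouping failed logins by source exposes it. The thresholds, the event layout and the sample log are constructed assumptions.

```python
from collections import defaultdict

# Assumed thresholds for illustration; tune them to the environment.
LOCKOUT_THRESHOLD = 5        # failures on one account before it locks
SPRAY_MIN_ACCOUNTS = 4       # distinct accounts failed from one source
WINDOW_SECONDS = 30 * 60     # look-back window per source

def locked_accounts(events):
    """Accounts a simple per-account failure counter would lock."""
    counts = defaultdict(int)
    for _ts, _src, user, ok in events:
        if not ok:
            counts[user] += 1
    return {u for u, n in counts.items() if n >= LOCKOUT_THRESHOLD}

def classify_sources(events):
    """Map each suspicious source IP to "spray" or "brute_force"."""
    failures = defaultdict(list)
    for ts, src, user, ok in events:
        if not ok:
            failures[src].append((ts, user))
    verdicts = {}
    for src, fails in failures.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > WINDOW_SECONDS:
                start += 1   # keep only failures inside the window
            per_account = defaultdict(int)
            for _ts, user in fails[start:end + 1]:
                per_account[user] += 1
            if max(per_account.values()) >= LOCKOUT_THRESHOLD:
                verdicts[src] = "brute_force"   # deep: lockout would fire
                break
            if len(per_account) >= SPRAY_MIN_ACCOUNTS:
                verdicts[src] = "spray"         # wide and shallow: no lockout
                break
    return verdicts

T0 = 1522573200  # constructed base timestamp (epoch seconds)
# Constructed sample log: (timestamp, source_ip, username, success)
SAMPLE_EVENTS = (
    [(T0 + 60 * i, "203.0.113.7", f"user{i}", False) for i in range(6)]   # 1 try x 6 accounts
    + [(T0 + 60 * i, "198.51.100.9", "alice", False) for i in range(6)]   # 6 tries x 1 account
    + [(T0 + 60, "192.0.2.44", "bob", False), (T0 + 180, "192.0.2.44", "bob", True)]  # typo
)

if __name__ == "__main__":
    print(locked_accounts(SAMPLE_EVENTS), classify_sources(SAMPLE_EVENTS))
```

On the sample log only `alice` is locked out, yet the source that touched six accounts once each is still flagged as a spray.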
3 Ways to Ensure Your Passwords Are Secure
While password spraying might sound like a scary threat for your customers’ companies, there are a few actions you can take to ensure their passwords and accounts remain secure, even in the face of the most advanced hackers.
Use Multi-factor Authentication
Because password spraying is particularly successful when it comes to single sign-on accounts, like an email or cloud drive, multi-factor authentication is a powerful safeguard against this type of breach.
Multi-factor authentication relies on a piece of personal information beyond your password to grant access to an account. This could include a security question that only an account holder would know the answer to, a PIN (personal identification number), or a code sent to your email or mobile device.
Using multi-factor authentication ensures that even if a password is compromised, your accounts remain secure. Recommend and implement multi-factor authentication methods for your customers’ accounts.
Regularly Update and Communicate Password Policies
Hackers’ methods grow more sophisticated each day, so it’s important that your customers’ password policies are regularly updated and you communicate changes to their team. It’s important to set strong password guidelines that will be harder to crack. To ensure passwords are secure, customers should:
- Use upper and lowercase letters
- Use numbers
- Use symbols
- Set different passwords for different accounts
- Change passwords every three to six months
- Avoid including personal information
Beyond just updating your password policies, you should communicate these updates to your customers, as well. When your customers are educated on password security, they’re less likely to fall for hackers’ tricks.
Monitor for Exposure!
It’s nearly impossible to prevent passwords from ever being stolen and sold on the Dark Web. So, it’s crucial that you monitor the Dark Web regularly to see if compromised passwords from your customers’ organizations are for sale.
Because Dark Web monitoring is a time-consuming process, you should consider investing in a solution like Dark Web ID™ to do the legwork for you. This tool helps MSPs monitor the Dark Web for compromised credentials and sends alerts when compromises are detected. Dark Web ID puts time back in your schedule and acts as the last line of defense against a major data breach. When a compromised password is detected, you can act quickly to remedy the problem.
When you take action to protect your client data, you’re better equipped to thwart methods like password spraying. If you stay vigilant when it comes to Dark Web credential monitoring, your clients will thank you for the ongoing protection.