Brute Force Attack Part 2: Why, Motives, Real Cases, and Prevention Strategies
Blog By
Corrine Kiwanuka
Cybersecurity & IT Risk Analyst (CITRA)
South-End Tech Limited
In the previous blog I covered what a brute force attack is, the science behind it, and the types that exist. In case you missed it, here is a link to it: https://southendtech.co.ke/why-brute-force-attacks-are-getting-brutal-and-fatal-the-science-behind-brute-force-attacks/
If you are curious about what we will be handling in this section, brace yourself for an insightful read on:
- Why brute force attacks are dangerous.
- Motives behind an attack.
- Real world case scenarios.
- How to prevent it at both a personal and a business level.
Let’s dive into it:
Why Brute Force Attacks are Dangerous.
This is akin to asking why drinking dirty water is harmful or, worse yet, why playing with a venomous snake is dangerous… I know about a million reasons just popped into your head.
Back to why brute force is dangerous:
- Access to Sensitive Data
We have a lot of information that we don’t want out there in the open. Personal and business information should remain confidential and on a need-to-know basis. Imagine waking up and finding all your information out there, or someone guessing your work device password and company financial details being out there, just because you thought using “!23P@ssword” as a password was a good idea.
- Financial Losses
If someone has access to your company or personal financial details, what is really stopping them from stealing what is there? What will stop an attacker from locking all the company resources and demanding a ransom to release them? In the end, both you and your organization will suffer financial losses while the attacker gains financially.
- Ransomware Attacks
Unauthorized access gained through a brute force attack opens a clear path to deploying ransomware. The attacker encrypts critical business infrastructure and demands payment to release it.
- Reputational Damage.
Imagine seeing your favorite bank on the news every month, not for anything else but for constantly being attacked by hackers or even worse, script kiddies.
This kind of reputation is not good for any business. They will probably lose a lot of customers as well as funding. They even risk closure since they are losing customer information and their financial resources.
- Facilitation of Other Cyber Threats.
The major issue is that once an attacker discovers a weakness in your system and successfully exploits it, you, as a person or as an institution, need to undertake a very deep cleansing of your entire network and device infrastructure. Why, you may ask?
This may be their one-time opportunity to actually gain access to your systems, and they would still love to have access to your files and critical system points afterwards. Hence, they will install a backdoor or malware that will be helpful for future intrusions.
- Legal and Regulatory Compliance Consequences.
Imagine waking up and getting notifications from the Office of the Data Protection Commissioner because your clients are suing your company or organization for not safeguarding their data and for breaking the Kenya Data Protection Act. This leads to investigations, which may lead to loss of revenue since business will not be done as usual.
Motives Behind an Attack.
“Hackers rarely have full knowledge of the technology stack of a target, yet they can still exploit minor vulnerabilities to wreak havoc.”
— John McAfee
An attacker may not need a motive but sometimes they do have motives.
- Ransomware Deployment.
This is essentially the kidnapping of your critical infrastructure, which is released only for a fee. It paralyzes your business operations, as the attacker has gained access to your critical data and encrypted all of it in exchange for a fee.
- Disruption for Competitive Advantage.
Rivalry in business is a common thing. It may not even be a hacker who has targeted your organization. An attacker may be contracted by your competitors to cause disruptions so that they may ruin the reputation of a competing business.
- Building Botnets
Attackers more often than not use brute force to commandeer business systems that are poorly secured. They then turn them into part of a botnet for large-scale attacks like a Distributed Denial of Service (DDoS) attack.
- Hacktivism
An attacker may hold a certain ideology that they feel has been abused by an organization, perhaps through something they consider unethical or harmful, and attack to push a political or social agenda.
- Revenge by Insiders or Disgruntled Employees.
According to research, it is always most likely an insider job. Why? Most companies or businesses take a while to remove fired or resigned employees from their systems. If such an employee left when they were at their least satisfied, they can simply organize an attack on the company. This could be worse if the disgruntled employee had access to your most important information.
What Can Be Done and How You Can Protect Yourself and Your Business.
Mitigating brute force attacks requires a layered approach to cybersecurity. Here are a few tips to help:
- Enforce Strong Password Policies.
There are a few password policies that can be put in place in an organization. Even for individuals it is important to ensure these password policies are put in place:
  - Require long, complex passwords that include a mix of letters, numbers, and symbols.
  - Regularly prompt employees to update passwords and discourage reuse across platforms.
- Implement Multi-Factor Authentication
The use of MFA has become very common nowadays. It gives an extra layer of protection: even if the password is compromised, an attacker will have to find a way around the second layer of security put in place.
- Enable Account Lockout Policies
In the same way that you have 3 attempts before your account is locked when you don’t remember your password well, lockout should also be enabled for company accounts in case anyone tries to brute force the login.
- Use CAPTCHA
Implementing CAPTCHA on login prevents brute force attacks carried out by automated bots.
- Use Web Application Firewalls
This can help to detect and block brute force attacks by monitoring and filtering incoming traffic.
- Monitor IP Addresses
Ensure that all login attempts are checked for unfamiliar IP addresses, and block the suspicious ones.
- Regular Security Audits
No matter how big or small your business is, it is important to conduct security audits to identify any vulnerabilities so that they can be resolved on time.
There are so many prevention measures that can be implemented, so it is important to note what works for you as an individual as well as what will work for your business or any business at all.
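The account lockout and IP monitoring tips above can be combined in one check over login events. The following Python sketch is an added example, not code from South-End Tech; the five-minute window, the per-IP account limit, the `analyse` function and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

MAX_FAILURES = 3          # the "3 attempts" threshold from the lockout tip
WINDOW_SECONDS = 300      # assumed: failures are counted over 5 minutes
IP_ACCOUNT_LIMIT = 3      # assumed: distinct accounts one IP may fail against

# Constructed sample events: (unix_time, source_ip, username, success)
SAMPLE_EVENTS = [
    (1000, "203.0.113.7", "alice", False),
    (1010, "203.0.113.7", "alice", False),
    (1020, "203.0.113.7", "alice", False),   # third failure -> lock alice
    (1030, "203.0.113.7", "alice", True),    # refused, account is locked
    (1040, "198.51.100.9", "bob", False),
    (1050, "198.51.100.9", "carol", False),
    (1060, "198.51.100.9", "dave", False),   # one IP, three accounts -> flag
    (1070, "192.0.2.15", "erin", False),
    (1500, "192.0.2.15", "erin", False),     # earlier failure has aged out
    (1510, "192.0.2.15", "erin", True),      # normal login, counter resets
]

def analyse(events):
    """Return (locked_accounts, flagged_ips, decisions) for login events."""
    failures = defaultdict(deque)        # username -> recent failure times
    ip_targets = defaultdict(set)        # source_ip -> usernames it failed on
    locked, flagged, decisions = set(), set(), []
    for ts, ip, user, success in events:
        if user in locked:
            decisions.append("refused")  # even a correct password is refused
            continue
        if success:
            failures[user].clear()
            decisions.append("allowed")
            continue
        recent = failures[user]
        recent.append(ts)
        while recent and ts - recent[0] > WINDOW_SECONDS:
            recent.popleft()             # drop failures outside the window
        if len(recent) >= MAX_FAILURES:
            locked.add(user)
        ip_targets[ip].add(user)
        if len(ip_targets[ip]) >= IP_ACCOUNT_LIMIT:
            flagged.add(ip)
        decisions.append("failed")
    return locked, flagged, decisions

if __name__ == "__main__":
    locked, flagged, decisions = analyse(SAMPLE_EVENTS)
    print("locked accounts:", sorted(locked))
    print("flagged IPs:", sorted(flagged))
```

A lock that never expires lets anyone who knows a username keep its owner out, so real deployments usually pair the threshold with a timed unlock or an extra verification step.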
Please do not hesitate to contact us for your Data Governance Solutions and Cybersecurity Service needs.
Tel: +254115867309 | +254740196519
Email: ckiwanuka@southendtech.co.ke; info@southendtech.co.ke; cybersecurity@southendtech.co.ke; dataprotection@southendtech.co.ke