Quote:
The Pathology of a Brute Force Attack and How to Deal with Them
Cybersecurity has become a vital cog in any company, regardless of profile. Business-owners learned that malicious attacks and hackers are not be underestimated. A ransomware report put together by Coveware shows that companies had to pay an average of $84,000 to retrieve data encrypted by Ryuk and Sobinoki. The same report also mentions that the post-payment data-retrieval success rate is 98%.
Encouraging, but not exactly an assurance. Ransomware is not the only malware to hit corporate. Heimdal™ Security, along with many other cybersecurity actors, has ‘seen’ what can best be described as a resurgence of the brute force attack, one the most rudimentary, but unexpectedly efficient cyber-aggression.
Normally, brute force attacks would be neutralized either by an installed, multi-feature anti-malicious agent or by altering the login rules and policies. However, the circumstances preclude the deployment of adequate defenses.
In this article, we are going to reexamine brute force attacks – what they are, how they work, and how to formulate a proper defense strategy. We shall also touch upon the matter of BFA resurgence and present Heimdal™ Security’s telemetry, attempting to correlate remote work with brute force attack.
The Pathology of a Brute Force Attack
In cryptography, a brute-force attack* is a type of cyber-aggression that key-derivation functions in an attempt to ‘guess’ the password or passphrase on the target machine. It’s also called a cryptanalytic attack since brute force attacks rely on cryptologic functions to ‘crack’ the cipher and infiltrate the machine.
Many believe BFAs to be crude, rudimentary, and rough. Nothing could be further from the truth. According to the paper
A Study of Passwords and Methods Used in Brute-Force SSH Attacks by Jim Owens and Jeanna Matthews of Clarkson University’s Department of Computer Science, brute-force attacks rely heavily on password and passphrase dictionaries and on cryptologic ‘magic tricks’ that allow the malicious actors to guess the user’s credentials.
The outstanding analogy is that of a digital padlock – the attacker, with no hint about the password’s constitution, which, in the case of padlock is a combination of numbers (i.e. some even employ alpha-numeric symbols), will attempt to unlock the imaginary security device by permutating the numbers or symbols. The readers well-versed in the point-and-click adventure genre will undoubtedly recognize in this analogy the most tedious and time-consuming puzzle.
These cryptologic curios are nothing if not ‘cerebral’. The above-mentioned study points out that even the ‘scrawniest’ attack employs sophisticated attack patterns for password-guessing. Since we’re on the topic of curiosities, the reader may perhaps be interested to know that not all operating systems react the same way when they come across a brute-force attack.
For instance, a study undertaken by cybersecurity mi2g reveals that machines running Linux are more vulnerable to brute-force attacks compared to those running Microsoft’s proprietary operating systems or Mac OSX. Although aware of his vulnerability, Linux software engineers have yet to come up with a solution to fix this exploitable loop.
Brute-force-attacking a machine or a network is a laborious process, and, under normal circumstances, with a low success rate. It takes a lot of processing power to ‘guess’ the right sequence of alphanumerical symbols, not to mention time.
...
How Does A Brute Force Attack Work and How to Keep Your Organization Safe
![[Image: heimdal-logo.svg]](https://heimdalsecurity.com/blog/wp-content/themes/heimdalv2/images/heimdal-logo.svg){kind=logo}
![[-]](https://www.geeks.fyi/images/collapse.png "[-]")
