A brute-force attack sees an attacker repeatedly and systematically submitting different usernames and passwords in an attempt to eventually guess credentials correctly. This simple but resources-intensive, trial-and-error approach is usually done using automated tools, scripts or bots cycling through every possible combination until access is granted.
However, the longer the password and the stronger the encryption on the saved credentials, the amount of time and computing power needed, so it is possible for organizations to decrease the efficiency of the attack to the point is almost impossible for attackers to execute successfully.
In 2017 both the UK and Scottish Parliaments fell victim to brute-force attacks, while a similar but unsuccessful attack occurred on the Northern Irish Parliament a year later. Airline Cathay Pacific suffer a brute force attack a year later for which it was fined £500,000 [~$630,000] by the UK’s data regulator due to lacking sufficient preventive measures. Ad blocking service Ad Guard also forced a reset of all user passwords after suffering a brute-force attack.
Le règlement DORA : un tournant majeur pour la cybersécurité des institutions financières Le 17…
L’Agence nationale de la sécurité des systèmes d'information (ANSSI) a publié un rapport sur les…
Directive NIS 2 : Comprendre les nouvelles obligations en cybersécurité pour les entreprises européennes La…
Alors que la directive européenne NIS 2 s’apprête à transformer en profondeur la gouvernance de…
L'intelligence artificielle (IA) révolutionne le paysage de la cybersécurité, mais pas toujours dans le bon…
Des chercheurs en cybersécurité ont détecté une intensification des activités du groupe APT36, affilié au…
This website uses cookies.