Information Security Leader, Author, Instructor and Speaker

Password-Based Attacks Pose New Dangers for Agency Networks

Posted on May 29, 2019 in Articles | by

Last year, the United States Computer Emergency Readiness Team (US-CERT) issued an alert that hackers were targeting organizations in the United States with a ­massive wave of attacks based on ­successful guesses of common passwords.

These password-spray attacks seek to identify accounts at targeted organizations that use common or simple passwords, and then use those accounts to steal sensitive information. Nine Iranian nationals were indicted last year in New York for hacks of U.S. universities, companies and government agencies using this method.

In a password-spray attack, the attacker does not need advance knowledge of a user’s password. Unlike social engineering, in which the attacker tricks a user into revealing his or her password, spray attacks rely on the fact that, unless prevented, users will choose easy-to-remember passwords.

Published May 2019 in FedTech Magazine.

Read the full article: Password-Based Attacks Pose New Dangers for Agency Networks 

Leave a Reply

Your email address will not be published. Required fields are marked *

Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.

Full Biography

@mchapple