May - Monthly Threat Pulse Review

In a continuation of this month’s Insights section, we are taking a closer look at a recent increase in brute force attacks specifically targeting virtual private networks (VPNs). We will explore the nature of a brute force attack, the different types of attack, the recent waves of activity that have been spotted in the wild, and the mitigation advice that clients/organisations can implement.

VPN BRUTE-FORCE ATTACKS SECTION 03

The full version of Intelligence Insights is covered in our Premium Threat Pulse. This is available to Managed Service clients and those that purchase our Intelligence Subscription Service. NCC Group offer Threat Intelligence services, including bespoke reporting on topics surrounding your organisation. Why not speak to a member of the team to see how we can support your business with the ever-evolving threat landscape?

Brute Force Attack/s

First and foremost, it is important to determine what a brute force attack is. A brute force attack is a widely used method in which threat actors try every possible combination of characters, words, or phrases in order to get hold of encrypted information or gain valid credentials (i.e. a threat actor would typically send GET and POST requests to a server). In other words, a threat actor essentially relies on a trial-and-error approach in order to guess the information they are seeking, which could include the following:

• Obtain passwords / credential details
• Access systems, networks and/or infrastructure
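A defender's view of the trial-and-error pattern described above, as an added example that is not part of the original report: it scans authentication events for bursts of failed logins from one source and records when a success follows such a burst. The log format, field names, threshold and window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical VPN gateway log format.
# Addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
2024-05-01T09:00:01 src=203.0.113.7 user=admin result=fail
2024-05-01T09:00:03 src=203.0.113.7 user=admin result=fail
2024-05-01T09:00:05 src=203.0.113.7 user=vpnuser result=fail
2024-05-01T09:00:08 src=203.0.113.7 user=admin result=fail
2024-05-01T09:00:10 src=198.51.100.20 user=alice result=fail
2024-05-01T09:00:12 src=203.0.113.7 user=admin result=fail
2024-05-01T09:00:15 src=203.0.113.7 user=admin result=ok
2024-05-01T09:05:00 src=198.51.100.20 user=alice result=ok
"""

def parse(line):
    """Split one event into (timestamp, source, user, result)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["user"], kv["result"]

def detect(log_text, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with `threshold` or more failed logins inside `window`."""
    recent = defaultdict(deque)  # source -> (time, user) of recent failures
    alerts = {}
    for line in filter(str.strip, log_text.splitlines()):
        ts, src, user, result = parse(line)
        fails = recent[src]
        while fails and ts - fails[0][0] > window:
            fails.popleft()  # forget failures older than the window
        if result == "fail":
            fails.append((ts, user))
            if len(fails) >= threshold:
                a = alerts.setdefault(src, {"src": src, "failures": 0,
                                            "users": set(), "success_as": None})
                a["failures"] = max(a["failures"], len(fails))
                a["users"].update(u for _, u in fails)
        elif src in alerts and fails and alerts[src]["success_as"] is None:
            # A success right after a failure burst suggests a guess worked.
            alerts[src]["success_as"] = user
    return [dict(a, users=sorted(a["users"])) for a in alerts.values()]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The `success_as` field is the part worth triaging first: a burst that ends in a successful login means the account should be treated as exposed, not just the source blocked.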

Key Steps of A Brute Force Attack

Figure 2: Basic Brute Force Attack

According to the MITRE ATT&CK framework, brute force is a technique mainly associated with the credential access tactic and can be further broken down into the following sub-techniques.
