DS Tech Blog

Microsoft Warns Against Password Spraying

Microsoft Warns Against Password Spraying

As time has passed, cybersecurity attacks have become another way some organizations and nations engage in warfare. You can argue that there is a war going on at all times in cyberspace while hackers—many of which are sponsored by government agencies—try to outdo security researchers at all turns. One such scenario sees customers in the United States and Israeli defense technology sectors becoming the target of “password spraying.”

Password spraying is a somewhat disgusting-sounding term used to describe the process of hacking into multiple accounts by spamming commonly used passwords. You can see how this can become problematic, especially considering users’ propensity for using variations of these commonly used passwords.

In the above scenario, Microsoft warns that about 250 Microsoft Office 365 customers in the aforementioned sectors were being targeted by these password spraying tactics. Microsoft has called the group performing such attacks DEV-0343, with the DEV moniker being used to showcase that the attackers are, at this time of writing, not state-sponsored. DEV-0343 is thought to originate from Iran.

Less than 20 of the targets were actually compromised, but it’s shocking that such high-profile targets would opt for such basic passwords, to say the least. It’s reported that organizations using multi-factor authentication are at much less risk compared to those who don’t. According to Microsoft, security professionals should be on the lookout for suspicious connections from Tor networks: "DEV-0343 conducts extensive password sprays emulating a Firefox browser and using IPs hosted on a Tor proxy network. They are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs in activity before 7:30 AM and after 8:30 PM Iran Time. They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times. On average, between 150 and 1,000+ unique Tor proxy IP addresses are used in attacks against each organization.”

In general, your organization should be prepared to analyze its traffic for suspicious activity of any kind, particularly during off-times when nobody should be accessing your infrastructure. Furthermore, it’s critical to remember that passwords are, of course, only one part of an adequate cybersecurity strategy and that you should always strive to use multi-factor authentication when possible. Passwords are one part of this process and should be used alongside something else you have, like a secondary device or smartphone, or biometric technology.

You can count on DS Tech to stay in the loop regarding any security risk to your business and implementing solutions designed to protect your organization from any potential threats. To learn more about what we can do for your business, reach out to us at (906) 786-0057.

Are We a Bad Influence on Our Artificially Intelli...
The Network Bottleneck Can Sap Productivity

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 19 January 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.dstech.net/

Blog Archive

2022
February
March
April
May
June
July
August
September
October
November
December
2017
January
February
March
April
May
June
July
August
September
October
November
December
2016
January
February
March
April
May
June
July
August
September
October
November
December
2015
January
February
March
April
May
June
July
August
September
October
November
December
2014
January
February
March
April
May
June
July
August
September
October
November
December
2013
January
February
March
April
May
June
July
August
September
October
November
December
2012
January
February
March
April
May
June
July
August
September
October
November
December
2011
January
February
March
April
May
June
July
August
September
October
November
December
2010
January
February
March
April
May
June
July
August
September
October
November
December
2009
January
February
March
April
May
June
July
August
September
October
November
December
2008
January
February
March
April
May
June
July
August
September
October
November
December
2007
January
February
March
April
May
June
July
August
September
October
November
December
2006
January
February
March
April
May
June
July
August
September
October
November
December
2005
January
February
March
April
May
June
July
August
September
October
November
December
2004
January
February
March
April
May
June
July
August
September
October
November
December
2003
January
February
March
April
May
June
July
August
September
October
November
December
2002
January
February
March
April
May
June
July
August
September
October
November
December

Mobile? Grab this Article

QR Code

Subscribe To Our Newsletter

* indicates required

News & Updates

ESCANABA, MI — December 9, 2021 – DS Tech, a leading managed technology services provider, announced today that the company has launched a cybersecuirty security-as-a-service program designed to protect businesses from daily attacks. DS Tech’s cybers...

Contact us

Learn more about what DS Tech can do for your business.

DS Tech
1431 North 26th Street #101
Escanaba, Michigan 49829