'Brute force' attacks against SMBs on the rise
Rather than broad sweeps for vulnerabilities, hackers are targeting small firms
Computerworld - The number of "brute force" attacks on small and midsize companies has risen dramatically in the past few months, according to Houston-based Alert Logic Inc., an on-demand IT network security company that focuses on small and medium-size businesses.
Brute force attacks are those in which an attacker uses multiple ways to hack into a company's private network, trying various methods until the break-in attempt succeeds, said Chris Smith, vice president of marketing at Alert Logic.
Over the past three months, brute force attacks have increased by more than 1,000%, Alert Logic said in a statement. Since brute force attacks are considerably more dangerous than random e-mail-borne viruses, the increase indicates that criminals are specifically taking advantage of the lesser security measures used by smaller businesses, the company said.
"Prior to this, what we noticed out there being directed at midsize companies was the more broad-based sweeps or scans, which means that there were certain well-known vulnerabilities that were being targeted, but they were being broadly targeted," Smith said. "That means that the bad guys were broadly sweeping a bunch of companies... for these general vulnerabilities, and when they found those vulnerabilities they would find a way in."
Now, however, hackers are targeting their attacks at specific services like FTP and are employing the brute force password-cracking technique, Smith said.
"So they'll keep pounding on a particular target, trying to get through," he said. "It's more targeted, more concerted, more persistent. Part of the reason we think we're seeing this is that companies have gotten better about adopting patch managing technology and other technologies that keep those these vulnerabilities that used to be targeted... relatively covered."
Johannes Ullrich, an analyst at the SANS Institute in Bethesda, Md., agreed that brute force attacks have been on the rise for a while, but he said he hadn't seen numbers as high as those Alert Logic reported.
"Brute force attacks are amazingly successful and simple," he said. "They do not require any particular exploit, but just a script to automatically guess the right password. Over the last couple years, we see less of the classic brute force attacks where an attacker is guessing many passwords for a particular account. Instead, attackers try a small set of passwords -- even if they use a 100 or so -- against a large number of usernames. This bypasses some of the lock-out policies companies put in place to prevent brute-forcing.
"Targets of brute force attacks are SSH, FTP and Windows networking among other services," he said.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts