With so many people working from home during the COVID-19 pandemic, more cyber criminals are using “brute force” attacks to break the passwords of employees signing into their company networks remotely, according to ESET, a cybersecurity and antivirus protection firm.
How it works: Brute force attacks break into systems by trying out vast numbers of possible passwords.
- Cyber criminal groups are targeting increasingly ubiquitously used remote login services as a way to circumvent the usual protections to company systems.
- The criminals then often hold companies’ networks hostage via ransomware.
What they're saying: “Despite the increasing importance of [remote access services], organizations often neglect its settings and protection,” writes ESET.
- “Employees use easy-to-guess passwords and with no additional layers of authentication or protection. ... Cybercriminals typically brute-force their way into a poorly secured network, elevate their rights to admin level, disable or uninstall security solutions and then run ransomware to encrypt crucial company data.”
Of note: Among ESET’s own users, the most commonly blocked IP addresses associated with these types of attempted intrusions came from the United States, China, Russia, France and Germany.
- Meanwhile, most victims of these types of attempted intrusions possess IP addresses located in Russia, Germany, Japan, Brazil and Hungary, says ESET.
