Prepare for cyber threats through an Incident Response Readiness program
Microsoft Warns that Billions of Passwords are Compromised
DESCRIPTION
While a highly connected state fosters collaboration on an immense scale, it is also a security nightmare. If a hacker gains access to a company’s network, they can potentially gain access to the networks of the companies connected to it. That is referred to as a supply chain attack. Today, just about everyone has information somewhere on the internet, and many people use the same password to access all of it. If an attacker obtains your credentials in an attack, they can potentially use those same credentials to access all of your information. Last week, Microsoft issued a stern warning that billions of passwords are compromised. Their Detection and Response Team (DART) reported a dramatic increase in the number of “password spray” attacks this year. A spray attack differs from a traditional brute force attack, in which an attacker perpetually tries to crack your password. There are two types of spray attacks:
The increase of these password spray attacks may be contributing to the record number of data breaches reported in 2021. In a congressional hearing in early October, the Identity Theft Resource Center reported that the number of breaches thus far in 2021 (1,291) has already eclipsed the total number of breaches reported in all of 2020 (1,108).
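To make the spray-versus-brute-force distinction above concrete, here is an added example (not part of the original bulletin) that labels each source address in a constructed authentication log: a spraying source fails against many distinct accounts with about one guess each, while a brute-force source hammers one account repeatedly. The log format, addresses, and thresholds are all assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log (not real data): "<ISO time> <source_ip> <account> <result>"
SAMPLE_LOG = """\
2021-10-20T09:00:01 203.0.113.7 alice FAIL
2021-10-20T09:00:03 203.0.113.7 bob FAIL
2021-10-20T09:00:05 203.0.113.7 carol FAIL
2021-10-20T09:00:07 203.0.113.7 dave FAIL
2021-10-20T09:00:09 203.0.113.7 erin FAIL
2021-10-20T09:00:11 203.0.113.7 frank SUCCESS
2021-10-20T09:01:00 198.51.100.9 alice FAIL
2021-10-20T09:01:01 198.51.100.9 alice FAIL
2021-10-20T09:01:02 198.51.100.9 alice FAIL
2021-10-20T09:01:03 198.51.100.9 alice FAIL
2021-10-20T09:01:04 198.51.100.9 alice FAIL
2021-10-20T09:05:00 192.0.2.44 bob FAIL
2021-10-20T09:05:30 192.0.2.44 bob SUCCESS
"""

def parse(log):
    """Yield (time, source_ip, account, result) tuples from the log text."""
    for line in log.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, result

def classify_sources(log, window=timedelta(minutes=10), min_failures=5):
    """Label each source IP 'spray', 'brute_force' or 'normal' (thresholds are illustrative)."""
    failures = defaultdict(list)  # ip -> [(time, account)]
    for ts, ip, user, result in parse(log):
        if result == "FAIL":
            failures[ip].append((ts, user))
    labels = {}
    for ip, attempts in failures.items():
        attempts.sort()
        cutoff = attempts[-1][0] - window  # failures in the window ending at the last attempt
        recent = [user for ts, user in attempts if ts >= cutoff]
        if len(recent) < min_failures:
            labels[ip] = "normal"
        elif len(set(recent)) >= min_failures:  # many accounts, about one guess each
            labels[ip] = "spray"
        else:                                   # one or few accounts, many guesses
            labels[ip] = "brute_force"
    return labels

def sprayed_accounts(log, ip):
    """Accounts a spraying source touched: candidates for the containment steps."""
    return sorted({user for _, src, user, _ in parse(log) if src == ip})
```

Note that the spraying source also logged one success (frank); accounts touched by a flagged source, successful or not, are the ones to review and reset.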
IDENTIFY INDICATORS OF COMPROMISE (IOC)
CONTAINMENT (If IOCs are identified)
While it is recommended that users change their passwords regularly, it is essential to do so immediately once a compromised password has been reported. This means changing your password for every online account on which that compromised password was used. Once an organization has identified that a user account has been compromised, that account should be temporarily disabled. The user’s assigned computers should be scanned for malware and, if possible, reset to a known good image. Personnel should also be trained to be aware of phishing attacks.
PREVENTION
Users should never use just one password for everything. At the least, use multiple passwords across your accounts; ideally, use a unique password for every account. While the 8-character password has been a mainstay for a decade or more, security specialists now recommend lengthening it. For instance, Microsoft’s latest Security Baseline Policy for Windows 11 enforces a 14-character password. Some experts are even recommending up to a 16-character password. Whatever the length, passwords should be subject to complexity mandates that incorporate upper- and lower-case letters, numbers, and non-alphanumeric characters (symbols). Users who don’t want to juggle multiple long passwords should consider a password manager, which stores all passwords in an encrypted vault and requires them to remember only the one password that opens the vault. Password-only protection is no longer a secure practice. Companies should implement multifactor authentication (MFA) solutions that require users to provide a second form of verification.
HALOCK Breach Bulletins
Recent data breaches to understand common threats and attacks that may impact you – featuring description, indicators of compromise (IoC), containment, and prevention.