Brute Force Attacks

What Is a Brute Force Attack?

A brute force attack is a trial-and-error hacking technique that involves guessing combinations of login credentials, passwords, and encryption keys to breach accounts, networks, or websites. Using excessive and repetitive forceful attempts—or brute force—to gain entry, threat actors target individuals and organizations to acquire sensitive data. Brute force attacks enable threat actors to exploit the information they steal for malicious activities, such as selling it on the dark web or leveraging it for ransomware attacks. 

How Brute Force Attacks Work

Automated password-cracking software and various other techniques are used to defeat the security controls of a locked system. Though a brute force attack is an outdated method of compromising systems, it accounts for nearly 5% of all confirmed security breaches and is still a reliable hacking technique. Threat actors use brute force attacks to perform the following malicious activities:

  • Steal sensitive data
  • Exploit financial information
  • Damage a company’s reputation
  • Profit from website ads
  • Reroute traffic to malicious websites
  • Install backdoors
  • Spread malware 

Types of Brute Force Attacks

Threat actors employ various types of brute force attacks to gain unauthorized access, including: 

Simple Brute Force Attacks

This method of brute force hacking is regarded as the most time-consuming–it involves manually guessing login credentials without using any software. Threat actors attempt simple passwords like “password1234” and often target individuals by leveraging available information such as birthdates, children’s names, hobbies, and more. 

Dictionary Attacks

By testing a list of commonly used or easily guessed passwords, dictionary attacks exploit weak passwords. Threat actors select a target username and systematically try potential simple passwords associated with that account. 

Hybrid Brute Force Attacks

This brute force technique combines both dictionary and simple brute force attacks. Threat actors must know the target account’s username and employ both approaches to uncover the correct login information. They start with a potential list of passwords and then substitute characters with various numbers, letters, or symbols to try different combinations.

Credential Stuffing

Credential stuffing attempts to access accounts by trying different combinations of login credentials stolen from data breaches or sourced on the dark web. This method exploits weak and reused passwords as threat actors attempt login combinations across numerous sites to gain access. 

Reverse Brute Force Attack

Rather than starting with a known username and guessing the potential password, this technique reverses the process—threat actors begin with a password, usually found from network breaches, and then search it against millions of usernames to find a matching login. 

Examples of Brute Force Attacks

Due to the success rate of brute force attacks, they remain a common hacking technique. Some notable examples of brute force attacks include:

  • In 2015, Dunkin Donuts hid a brute force attack that impacted the accounts of 20,000 customers. The threat actors stole users’ payment information and used it to launch follow-up attacks, resulting in the impacted customers suing Dunkin Donuts for negligence.
  • The e-commerce giant Alibaba experienced brute force attacks in 2016 that compromised 21 million user accounts. The threat actors used customer accounts to purchase products and post fake reviews. 

How to Prevent a Brute Force Attack

Brute force operators increasingly develop intelligent capabilities, seamlessly replicating human behavior and evading detection. IT security teams can protect against evolving brute force attacks by implementing the following best security practices:

Zero Trust Network Access (ZTNA) 

ZTNA is a security approach that deploys multi-factor authentication across an organization’s network. Users must authenticate themselves and validate their identity to access any systems or resources. ZTNA models mitigate the risk of unauthorized access and help reduce breaching possibilities after failed login attempts.

Password Education

Brute force attacks often target weak and reused passwords, and organizations can significantly reduce the rate of breached accounts by educating employees. Creating multicharacter passwords and using unique credentials across various accounts increases password complexity and contributes to a cyber-resilient work environment.

Managed Detection and Response (MDR)

MDR ensures the continuous monitoring of networks for unusual activity, facilitating early detection, threat hunting, and rapid response. Through its advanced capabilities, MDR effectively identifies and mitigates potential brute-force attacks. 

CylanceGUARD for MDR

As a human-centric 24x7x365 Managed Detection and Response, CylanceGUARD® provides the cybersecurity expertise and support businesses need. CylanceGUARD combines the expertise embodied by BlackBerry Cybersecurity Services with an AI-based Endpoint Protection (EPP) through CylanceENDPOINT™. CylanceGUARD provides businesses with everything they need to contend with a modern threat landscape—no matter what that landscape throws at them.
LEARN MORE

Related Resources:

Resource Icon Data Loss Prevention (DLP) Resource Icon Endpoint Security Resource Icon Endpoint Protection Platforms (EPP) Resource Icon Endpoint Detection and Response (EDR) Resource Icon Extended Detection and Response (XDR) Resource Icon Identity and Access Management (IAM) Resource Icon Managed Detection and Response Resource Icon Managed XDR Resource Icon MITRE ATT&CK Framework Resource Icon Mobile Threat Defense (MTD) Resource Icon User and Entity Behavior Analytics (UEBA) Resource Icon Zero Trust Architecture Resource Icon Zero Trust Network Access (ZTNA) Resource Icon Zero Trust Security Resource Icon Security Information and Event Management (SIEM) Resource Icon Secure Access Service Edge (SASE)
More Resources