What Is a Brute Force Attack?
How Brute Force Attacks Work
Automated password-cracking software and various other techniques are used to defeat the security controls of a locked system. Though a brute force attack is an outdated method of compromising systems, it accounts for nearly 5% of all confirmed security breaches and is still a reliable hacking technique. Threat actors use brute force attacks to perform the following malicious activities:
- Steal sensitive data
- Exploit financial information
- Damage a company’s reputation
- Profit from website ads
- Reroute traffic to malicious websites
- Install backdoors
- Spread malware
Types of Brute Force Attacks
Simple Brute Force Attacks
Hybrid Brute Force Attacks
Reverse Brute Force Attack
Examples of Brute Force Attacks
Due to the success rate of brute force attacks, they remain a common hacking technique. Some notable examples of brute force attacks include:
- In 2015, Dunkin Donuts hid a brute force attack that impacted the accounts of 20,000 customers. The threat actors stole users’ payment information and used it to launch follow-up attacks, resulting in the impacted customers suing Dunkin Donuts for negligence.
- The e-commerce giant Alibaba experienced brute force attacks in 2016 that compromised 21 million user accounts. The threat actors used customer accounts to purchase products and post fake reviews.
- A brute force attack compromised multiple email accounts of members of the Northern Irish Parliament in 2018.