What Is a Brute Force Attack?
A brute force attack is a trial-and-error hacking technique that involves guessing combinations of login credentials, passwords, and encryption keys to breach accounts, networks, or websites. Using excessive and repetitive forceful attempts—or brute force—to gain entry, threat actors target individuals and organizations to acquire sensitive data. Brute force attacks enable threat actors to exploit the information they steal for malicious activities, such as selling it on the dark web or leveraging it for ransomware attacks.
How Brute Force Attacks Work
Automated password-cracking software and various other techniques are used to defeat the security controls of a locked system. Though a brute force attack is an outdated method of compromising systems, it accounts for nearly 5% of all confirmed security breaches and is still a reliable hacking technique. Threat actors use brute force attacks to perform the following malicious activities:
- Steal sensitive data
- Exploit financial information
- Damage a company’s reputation
- Profit from website ads
- Reroute traffic to malicious websites
- Install backdoors
- Spread malware
Types of Brute Force Attacks
Threat actors employ various types of brute force attacks to gain unauthorized access, including:
Simple Brute Force Attacks
This method of brute force hacking is regarded as the most time-consuming: it involves manually guessing login credentials without using any software. Threat actors attempt simple passwords like “password1234” and often target individuals by leveraging available information such as birthdates, children’s names, hobbies, and more.
Dictionary Attacks
By testing a list of commonly used or easily guessed passwords, dictionary attacks exploit weak passwords. Threat actors select a target username and systematically try potential simple passwords associated with that account.
Hybrid Brute Force Attacks
This brute force technique combines both dictionary and simple brute force attacks. Threat actors must know the target account’s username and employ both approaches to uncover the correct login information. They start with a potential list of passwords and then substitute characters with various numbers, letters, or symbols to try different combinations.
Credential Stuffing
Credential stuffing attempts to access accounts by trying different combinations of login credentials stolen from data breaches or sourced on the dark web. This method exploits weak and reused passwords as threat actors attempt login combinations across numerous sites to gain access.
Reverse Brute Force Attack
Rather than starting with a known username and guessing the potential password, this technique reverses the process—threat actors begin with a password, usually found from network breaches, and then search it against millions of usernames to find a matching login.
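Seen from the defender's side, the attack types above leave different shapes in authentication logs: guessing against one account produces many failures for a single username, while credential stuffing and reverse brute force spread failures across many usernames. The following is an added example, not part of the original page; the log format, threshold values, and function names are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict

# Assumed log format: "<timestamp> login result=OK|FAIL user=<name> src=<ip>"
LINE_RE = re.compile(r"^(\S+) login result=(OK|FAIL) user=(\S+) src=(\S+)$")

def build_sample_log():
    """Constructed sample auth log (documentation IP ranges, made-up users)."""
    rows = [("FAIL", "alice", "203.0.113.5")] * 6            # one account, many guesses
    rows += [("FAIL", u, "198.51.100.7")                     # many accounts, one try each
             for u in ("bob", "carol", "dave", "erin", "frank")]
    rows += [("OK", "grace", "198.51.100.7")]                # one attempt finally succeeds
    rows += [("FAIL", "heidi", "192.0.2.9"), ("OK", "heidi", "192.0.2.9")]  # ordinary typo
    return "\n".join(f"2024-05-01T10:00:{i:02d}Z login result={r} user={u} src={s}"
                     for i, (r, u, s) in enumerate(rows))

def parse(log_text):
    """Return (ok, user, src) tuples for lines that match the assumed format."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((m.group(2) == "OK", m.group(3), m.group(4)))
    return events

def classify_sources(events, min_failures=5, ratio=0.8):
    """Label each noisy source by the shape of its failed logins."""
    fails = defaultdict(lambda: defaultdict(int))   # src -> user -> failure count
    wins = defaultdict(set)                         # src -> users that logged in
    for ok, user, src in events:
        if ok:
            wins[src].add(user)
        else:
            fails[src][user] += 1
    findings = {}
    for src, users in fails.items():
        total = sum(users.values())
        if total < min_failures:
            continue                                # below threshold: likely typos
        if max(users.values()) / total >= ratio:
            pattern = "single-account guessing"     # simple, dictionary or hybrid
        elif len(users) / total >= ratio:
            pattern = "many-account attempts"       # credential stuffing or reverse
        else:
            pattern = "mixed"
        findings[src] = {"pattern": pattern, "failures": total,
                         "logins_to_review": sorted(wins[src])}
    return findings

if __name__ == "__main__":
    for src, finding in classify_sources(parse(build_sample_log())).items():
        print(src, finding)
```

Logs that do not record the attempted password cannot separate credential stuffing from reverse brute force, so both fall under one label here; any successful login from a flagged source is listed for review.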
Examples of Brute Force Attacks
Due to the success rate of brute force attacks, they remain a common hacking technique. Some notable examples of brute force attacks include:
- In 2015, Dunkin Donuts hid a brute force attack that impacted the accounts of 20,000 customers. The threat actors stole users’ payment information and used it to launch follow-up attacks, resulting in the impacted customers suing Dunkin Donuts for negligence.
- The e-commerce giant Alibaba experienced brute force attacks in 2016 that compromised 21 million user accounts. The threat actors used customer accounts to purchase products and post fake reviews.
- A brute force attack compromised multiple email accounts of members of the Northern Irish Parliament in 2018.
How to Prevent a Brute Force Attack
Brute force operators increasingly develop intelligent capabilities, seamlessly replicating human behavior and evading detection. IT security teams can protect against evolving brute force attacks by implementing the following best security practices:
Zero Trust Network Access (ZTNA)
ZTNA is a security approach that deploys multi-factor authentication across an organization’s network. Users must authenticate themselves and validate their identity to access any systems or resources. ZTNA models mitigate the risk of unauthorized access and help reduce the likelihood of a breach after failed login attempts.
Password Education
Brute force attacks often target weak and reused passwords, and organizations can significantly reduce the rate of breached accounts by educating employees. Creating multicharacter passwords and using unique credentials across various accounts increases password complexity and contributes to a cyber-resilient work environment.
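Password guidance can be enforced when a password is set. The check below is an added example, not part of the original page: it rejects passwords that reduce to a common word once the character substitutions and trailing digits typical of hybrid attacks are undone, and passwords built on personal details such as names or birthdates. The blocklist is a small constructed sample, and the 12-character minimum and all names are assumptions.

```python
import re

# Small constructed blocklist; a deployment would load a much larger list.
COMMON = {"password", "welcome", "letmein", "qwerty", "dragon", "summer"}

TOO_SHORT = "shorter than the minimum length"
COMMON_BASE = "matches a common password after undoing simple substitutions"
PERSONAL = "contains personal information"

# Typical character swaps; "1" and "!" are tried as both "i" and "l".
_SUBS = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
_TABLES = [str.maketrans({**_SUBS, "1": c, "!": c}) for c in "il"]

def base_words(password):
    """Candidate base words after reversing common hybrid mutations."""
    lowered = password.lower()
    # Drop leading and trailing runs of digits and symbols ("summer2024!").
    stripped = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    candidates = {lowered, stripped}
    for text in (lowered, stripped):
        for table in _TABLES:
            candidates.add(text.translate(table))
    return candidates

def screen_password(password, personal_terms=(), min_length=12):
    """Return the list of reasons to reject; an empty list means accepted."""
    reasons = []
    if len(password) < min_length:
        reasons.append(TOO_SHORT)
    candidates = base_words(password)
    if candidates & COMMON:
        reasons.append(COMMON_BASE)
    # Ignore very short terms to avoid flagging on one or two letters.
    terms = {t.lower() for t in personal_terms if len(t) >= 3}
    if any(term in cand for term in terms for cand in candidates):
        reasons.append(PERSONAL)
    return reasons

if __name__ == "__main__":
    for pw in ("password1234", "P@ssw0rd!", "correct horse battery staple"):
        print(repr(pw), screen_password(pw))
```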
Managed Detection and Response (MDR)
MDR ensures the continuous monitoring of networks for unusual activity, facilitating early detection, threat hunting, and rapid response. Through its advanced capabilities, MDR effectively identifies and mitigates potential brute force attacks.
As a human-centric 24x7x365 Managed Detection and Response, CylanceGUARD® provides the cybersecurity expertise and support businesses need. CylanceGUARD combines the expertise embodied by BlackBerry Cybersecurity Services with an AI-based Endpoint Protection (EPP) through CylanceENDPOINT™. CylanceGUARD provides businesses with everything they need to contend with a modern threat landscape—no matter what that landscape throws at them.