What is a Brute-force Attack?

Types of Brute-force Attacks

Due to its popularity, there are different methods of brute-force attacks.

  • Simple brute-force attacks: Hackers attempt every possible username-password combination.
  • Dictionary attacks: Using valid usernames, hackers will then run a list of possible passwords against the username.
  • Reverse brute-force attacks: Hackers start with known or common passwords. They then attempt with many usernames, in hopes of guessing correctly.
  • Hybrid brute-force attacks: External logic is integrated into the attack technique. Such attacks typically use both dictionary and simple brute-force attacks.
  • Credential stuffing: This attack uses valid login credentials to attempt to login into other services. The credentials are obtained from data breaches and successful password cracking.

Consequences of Brute-force Attacks

  • Theft of personal data, login credentials and money
  • Infecting websites and machines with malware
  • Collecting credentials to sell to third parties
  • Redirecting users to websites with malicious content

How to Safeguard Against Brute-force Attacks?

  • Limit the number of login attempts with a certain timeframe: This would hinder the hackers’ progress. They may be deterred from continuing the attack.
  • Use longer, more complex passwords: This increases the difficulty and time required to crack the passwords.
  • Implement multi-factor authentication: 2 or more authentication factors are used as part of the login process. This can include using a one-time password (OTP) and fingerprint.
  • Deploy a web application and API protection (WAAP) solution: Such solutions would monitor all incoming web traffic activities and block suspicious IPs and requests.

How Polaris Safeguards Your Website

  • Web Application Firewall: Acting as a shield between malicious attacks and your web assets, Polaris protects against targeted hacks.
  • Leaked data: Polaris provides leaked data detection from a diverse pool of intelligence feeds.
  • Bot Management: Polaris provides automated web traffic scanning, analyses bot behaviour and blocks malicious bots from attacking websites.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Polaris

Polaris

Simplifying the Protection of Your Critical Assets from the World’s Greatest Cyber Threats. #AlwaysOnGuard