In recent news, password-spraying attack methods are on the rise due to Iranian hackers that go by the name of Magnallium. Although they are targeting electric utilities, oil and gas firms, and US infrastructure, any company in any industry could be impacted due to various intrusions caused by the attempts.
What is password-spraying?
Password-spraying is when attackers guess common passwords for all types different accounts in large quantities. Examples of common passwords are “awesome123”, “coolguy!”, “cowboys”, etc.
You might be wondering how hackers would have your username, account information or email. Surprisingly, there are massive quantities of names, email addresses, accounts and passwords easily found in the dark web. The dark web is primarily an information database of all of the compromises over the last couple of decades, some that you know about, and some that you don’t.
What can you do?
Best practice is to change your passwords regularly and use multifactor authentication where it is supported. Also, if you have any common easily guessable passwords- change them now!