Small Business Technology Tour - coming to a city near you! Register here!
Campaigner - email marketing for growing businesses.
August 16, 2006
Danger: Getting Attacked with Brute Force
Alert Logic, an on-demand IT network security company dedicated to small and mid-sized businesses, has detected a dramatic spike in the number of "brute force" attacks on its SMB customer base. A particularly dangerous threat, brute force attacks are targeted against specific companies in which the attacker tries various ways to break into a company's private network, continuing until a breakthrough occurs. Brute force attacks have a high success rate against companies with lax IT security measures and the inability to properly detect the attacks as they are happening.
Brute force attacks can be defended against through constant surveillance, up-to-date threat detection technology, quick reaction time to any security alerts, and the setting and maintaining of rigorous security policies. While many SMBs currently spend a great deal on IT security, they are still vulnerable to these attacks because most only have firewall and antivirus technology deployed, and most security vendors offer only watered-down versions of expensive enterprise systems requiring maintenance and monitoring that most SMBs simply do not have the resources for.
Alert Logic advises:
1) Brute force is a targeted attack, where many of the other attacks are just shotgun approaches (spam out thousands of emails and hope that one company has weak security or employees that open every attachment. And these are usually one try and done.) Brute force however, is a well designed attack that is aimed at a specific company. It sets its sites on a specific network and is programmed to keep attacking specific points. IE: ongoing random password/encryption tries until one works.
Brute force attacks are very sophisticated and dangerous. And they are targeted. That is one of the main differences.
2) Pretty much any brute force attack is as dangerous as any other. Really depends on the security measures a company is taking., ie: a company who has secured their database with weak encryption is in danger of being easily beaten by a brute force attack.
3) Actually, there are several methods to protect against brute force attacks. Good threat detection will pick up on an attack becuase there is a pattern to a brute force attack that can be seen. Constant surveillance of a network is another (that technology is available.) React quickly when you see one attack (waiting around to fortify the walls just gives the attack more time to succeed.) And put some serious security policies in place. Passwords of 1-2-3-4-5 or a standard name are pretty much asking for trouble.
Subscribe to the Smallbiztechnology RSS feed.
Join our Facebook Page.
Get cell phone Tweets (updates) via Twitter.
Subscribe to our Youtube Channel.
Recent Posts
- Brent Leary (CRM Essentials) - Context, Not Content, Is King (Taste of Technology Series Video)
- Laura Thomas (Dell) - Social Media Lessons From Dell (Taste of Technology Series Video)
- Dan Zarrella (HubSpot) - Stop Forcing and Tricking People Into Buying From You! (Taste of Technology Series Video)
- Events, Conferences and Webinars this Fall
- Stop Scratching The Surface of Twitter. Learn, Go Deep & Boost Profits
- Your Employees Are More Mobile. Why Aren't You Giving Them Better Tools?
- PandaForm: Real Easy Forms Creation, Contacts and More
- Bad (Real Bad) Cell Phone Coverage? Get A Mini-Cell Tower (Walt Mossberg - WSJ)
- 6 Social Media Lessons from IBM's Social Media Guru: What, Who, How and more...
- Got A Branch Office? 5 Ways Your Employees Can Feel the Tech Love.
What is Smallbiztechnology.com?
Smallbiztechnology.com educates growing businesses in how to strategically use technology as a tool to grow their businesses. We do this through events and online content.
Post a comment