August 16, 2006
Danger: Getting Attacked with Brute Force
Alert Logic, an on-demand IT network security company dedicated to small and mid-sized businesses, has detected a dramatic spike in the number of "brute force" attacks on its SMB customer base. A particularly dangerous threat, brute force attacks are targeted against specific companies in which the attacker tries various ways to break into a company's private network, continuing until a breakthrough occurs. Brute force attacks have a high success rate against companies with lax IT security measures and the inability to properly detect the attacks as they are happening.
Brute force attacks can be defended against through constant surveillance, up-to-date threat detection technology, quick reaction time to any security alerts, and the setting and maintaining of rigorous security policies. While many SMBs currently spend a great deal on IT security, they are still vulnerable to these attacks because most only have firewall and antivirus technology deployed, and most security vendors offer only watered-down versions of expensive enterprise systems requiring maintenance and monitoring that most SMBs simply do not have the resources for.
Alert Logic advises:
1) Brute force is a targeted attack, where many of the other attacks are just shotgun approaches (spam out thousands of emails and hope that one company has weak security or employees that open every attachment. And these are usually one try and done.) Brute force however, is a well designed attack that is aimed at a specific company. It sets its sites on a specific network and is programmed to keep attacking specific points. IE: ongoing random password/encryption tries until one works.
Brute force attacks are very sophisticated and dangerous. And they are targeted. That is one of the main differences.
2) Pretty much any brute force attack is as dangerous as any other. Really depends on the security measures a company is taking., ie: a company who has secured their database with weak encryption is in danger of being easily beaten by a brute force attack.
3) Actually, there are several methods to protect against brute force attacks. Good threat detection will pick up on an attack becuase there is a pattern to a brute force attack that can be seen. Constant surveillance of a network is another (that technology is available.) React quickly when you see one attack (waiting around to fortify the walls just gives the attack more time to succeed.) And put some serious security policies in place. Passwords of 1-2-3-4-5 or a standard name are pretty much asking for trouble.
Get Small Business Technology Report
Via Email Every Tuesday
What is Smallbiztechnology.com?
Smallbiztechnology.com helps small-medium sized businesses strategically use technology as a tool to grow their businesses and provides news, articles, discussion boards, resources, analysis & events for the owners of small to medium sized busineses.
Subscribe to the Smallbiztechnology feed.
Recent Posts
- Power Point Presentations: Let It Be An Experience (Learning From Al Gore)
- Pay-Per-Click Advertising for Peanuts
- Downloading Microsoft Windows Updates Can Be Bad For Your Health
- Time is Money. How Are You Tracking Yours?
- Are You Collaborating Creatively?
- When Technology Embarrasses Us! :)
- Is Online Marketing Confusing You?
- Email Marketing Providers: How to Choose
- Can Social Networking Improve Internal Collaboration?
- Is 1.5 TeraBytes of Storage Too Much?
Join our Facebook group
The Third Annual Small Business Summit 2008 was a smashing success. Check out the Summit site for what you missed. See the 2008 Summit presentations, video and photos!
Post a comment