Digital Lifestyle · 2021-10-27

Password sprays & how Microsoft DART fights it

“Password sprays” as an attack vector are on the rise, as observed by the Microsoft Detection and Response Team (DART).

In a new post on its official blog, Microsoft has explained the reasons why, & what DART is doing to tackle it.

As per the statistics in the Digital Shadows report “From Exposure to Takeover,” there are over 5 billion unique credential pairs available for sale worldwide, with new caches of credentials being exposed regularly. Given this volume, said Microsoft, users should assume that a breach will occur, & accept that a compromised username or password in any given organization is inevitable.

Password sprays

Does that mean we should give up on passwords altogether? No, says Microsoft, but the “rabbit hole of password policies”, with its potentially endless discussions about complexity, length, & “correct battery horse staple”, should be avoided in favor of applying Zero Trust logic to identity & authentication. This covers areas like MFA and legacy authentication, MFA registration, & mailbox auditing.

Password spray attacks are the perfect combination of low effort & high value for attackers, & even the most secure companies are likely to be targeted by them. However, preventing catastrophic damage is not a hopeless endeavor. By assessing both sides of the situation, the protection against the attack as well as the capability to investigate & remediate one, enterprises can ensure substantial coverage against the damage a password spray can do.
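The investigate-and-remediate side of that equation starts with recognising the spray pattern in sign-in logs: one source tries one or two passwords against many accounts, so each account sees only a few failures while the source touches many distinct usernames, often over a legacy protocol that cannot enforce MFA. The script below is an added example, not code from Microsoft's post or from this article; the log format and the sample lines are constructed for the example, and the thresholds (5 distinct users, at most 2 failures per user, 10-minute window) are assumptions to tune against your own telemetry.

```python
"""Password-spray detector over constructed sign-in log lines (added example).

A spray is the inverse of brute force: few passwords, many accounts. Per-account
lockout thresholds therefore never trigger, so the detection has to pivot on the
source and count distinct usernames, not failures per user.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real data). Columns:
# timestamp  username  source_ip  result  auth_protocol
SAMPLE_LOG = """\
2021-10-27T08:00:01Z alice 203.0.113.7 FAIL legacy
2021-10-27T08:00:03Z bob 203.0.113.7 FAIL legacy
2021-10-27T08:00:05Z carol 203.0.113.7 FAIL legacy
2021-10-27T08:00:07Z dave 203.0.113.7 FAIL legacy
2021-10-27T08:00:09Z erin 203.0.113.7 FAIL legacy
2021-10-27T08:00:11Z frank 203.0.113.7 SUCCESS legacy
2021-10-27T08:01:00Z alice 198.51.100.4 FAIL modern
2021-10-27T08:01:10Z alice 198.51.100.4 FAIL modern
2021-10-27T08:01:20Z alice 198.51.100.4 SUCCESS modern
2021-10-27T09:30:00Z bob 192.0.2.9 SUCCESS modern
"""


def parse_line(line):
    """Parse one constructed log line into a dict (assumed whitespace-separated format)."""
    ts, user, ip, result, proto = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "user": user,
        "ip": ip,
        "result": result,
        "proto": proto,
    }


def detect_sprays(log_text, window=timedelta(minutes=10), min_users=5, max_fail_per_user=2):
    """Return one finding per source IP whose failures look like a spray.

    A source is flagged when, inside a sliding time window, its failed sign-ins
    cover at least `min_users` distinct accounts and no single account fails
    more than `max_fail_per_user` times (the low-and-slow signature).
    """
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    findings = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "FAIL"]
        start = 0
        for end in range(len(fails)):
            # Slide the window start forward until it fits inside `window`.
            while fails[end]["ts"] - fails[start]["ts"] > window:
                start += 1
            per_user = defaultdict(int)
            for f in fails[start:end + 1]:
                per_user[f["user"]] += 1
            if len(per_user) >= min_users and max(per_user.values()) <= max_fail_per_user:
                window_start = fails[start]["ts"]
                # Any success from the same source after the spray began is the
                # account to investigate and remediate first.
                successes_after = sorted(
                    {e["user"] for e in evs
                     if e["result"] == "SUCCESS" and e["ts"] >= window_start}
                )
                findings.append({
                    "source_ip": ip,
                    "distinct_users": len(per_user),
                    "window_start": window_start.isoformat(),
                    "legacy_auth": any(f["proto"] == "legacy" for f in fails[start:end + 1]),
                    "successes_after": successes_after,
                })
                break  # one finding per source is enough for triage
    return findings


if __name__ == "__main__":
    for finding in detect_sprays(SAMPLE_LOG):
        print(finding)
```

In the constructed sample, 203.0.113.7 fails once against each of five accounts over legacy authentication and then succeeds as `frank`, which the detector reports as the account to look at first; 198.51.100.4 fails twice against a single account and is not flagged, because that is a user mistyping a password (or a brute-force attempt), not a spray. The `legacy_auth` flag is the tie-back to the MFA and legacy-authentication point above: a success over a protocol that bypasses MFA is the case remediation should prioritise.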

DART uses these strategies in its everyday investigations. Microsoft said its customers are encouraged to adopt passwordless technology & enable MFA, regardless of the provider. “While attackers are most likely continuously exploring new ways to break into an environment, by assuming breach, we can help to safeguard against inevitable detrimental harm”, the post says.
