Post-Acute Care News

Get News via Email

Peter Teichert

Find me on:

Recent Posts

Security Spotlight: Password Spraying

By Peter Teichert on Thu, Sep 12, 2019 @ 04:06 PM

In the past year, a type of attack known as Password Spraying has been getting a lot of attention. Let's consider what this type of attack involves, why it is so dangerous, and what individuals can do in their role as Human Firewalls to prevent and detect these types of attacks.

What is Password Spraying?

  • Password Spraying is basically automated password guessing
  • Also known as the “low-and-slow” method since it typically involves an attacker trying a single password from a list of highly common passwords against a large number accounts before moving on to attempt a second password 
  • Although not a sophisticated attack, it has proven highly effective as it stays below the detection radar by avoiding frequent account lockouts against a single high-privilege account  

Why is Password Spraying so dangerous?

  • More and more business applications (think Office 365) and services are in the cloud and people re-using passwords is extremely common so, once the bad guys have your credentials for one platform, they often have access to other cloud services as well
  • Companies often invest in security solutions such as Firewalls, Antivirus, Intrusion Prevention/Intrusion Detection (“IPS/IDS”), and Encryption, but this type of attack bypasses all of them
  • It allows attackers to compromise accounts while masking themselves from detection by blending in with “normal” activity
    • Once attackers gain access to the system, they employ a technique known as Lateral Movement to move further across the network as they search for the key data and assets that are ultimately the target of their attacks

What can you do to prevent and detect Password Spraying?

  • Use uncommon and hard-to-guess passwords
    • Complex passwords including:
      • Uppercase and Lowercase characters (A – Z, a-z)
      • Digits (0-9)
      • Non-alphanumeric special characters (e.g.,!, #, $)
    • Use passphrases (sentences as a password)
  • Use a different password for each separate account, service, or site 

Detection of a Password Spraying attack often requires the use of analytic tools, but other observations include:

  • High volume of account lockouts
  • Spike in attempted/failed logins
  • Login attempts from inconsistent IP addresses

Conclusion:

Attackers will take the cheapest and shortest path to the objective, and Password Spraying fits that description since there are also a lot of open source tools readily available. Now that you know the essentials of Password Spraying, you can make it part of your efforts as a Human Firewall.

 

U.S. Health and Human Services Cites 5 Most Relevant Cyber Threats

By Peter Teichert on Fri, Feb 15, 2019 @ 02:47 PM

Our recent webinar, A 3-Prong Preparation Strategy for HIPAA Audits, touched upon cybersecurity. As a follow-up, we have prepared the below infographic, summarizing related information from the U.S. Department of Health and Human Services. 

If we can be of help to you in protecting yourself against these threats or preparing for HIPAA audits, get in touchTo learn more about our expertise, visit our primeCLOUD page.

Top 5 Cyber Threats

Topics: cybersecurity, HIPAA compliance, HIPAA One Risk Assessment, HIPAA enforcement, cyber threats

Recent Posts

Screen_Shot_2016-07-26_at_3.06.07_PM.png

Gain visibility and control over claims operations

See how Prime Care can move the needle across your enterprise

PLAY DEMO