Industry Insights

Blog, Security

Password Spraying? Yep, It’s a Thing

by | Monday, December 13th, 2021

Cyberwarfare has continued to evolve in sophisticated ways, and while security researchers try their best to keep up, hackers are always trying to outdo them. One example of such attacks, which are often sponsored by government agencies, is a recent attack on the United States and Israeli technology sectors, which have become the target of password spraying campaigns.

Password spraying is when multiple accounts are hacked into using commonly used passwords. Hackers spam these passwords in an attempt to break into these accounts. These attacks also involve variations of these commonly used passwords, and considering how often this happens, it’s not surprising to see how they can be successful.

Microsoft issued a warning in regards to the aforementioned attacks involving the United States and Israeli technology sectors in which 250 Microsoft Office 365 customers became the targets of password spraying tactics. Microsoft has named this group DEV-343, the DEV in the name representing the fact that the attacks are not currently being sponsored by state actors. The group is thought to originate from Iran.

Even though less than 20 of the targets were actually compromised, it’s quite concerning to see such high-profile targets using insecure passwords. Microsoft has reported that organizations using multi-factor authentication are at much less risk than those who do not. As reported by Microsoft, security professionals should be wary of suspicious connections enabled by Tor networks: “DEV-0343 conducts extensive password sprays emulating a Firefox browser and using IPs hosted on a Tor proxy network. They are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs in activity before 7:30 AM and after 8:30 PM Iran Time. They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times. On average, between 150 and 1,000+ unique Tor proxy IP addresses are used in attacks against each organization.”

You should always be familiar with the traffic on your network, as doing so will help you identify when there is suspicious activity of any kind, like when someone accesses your network at 3 AM on the other side of the world. Passwords might be important, but so too are other measures, like multi-factor authentication.

Compudata can help your business optimize security and protect itself from the many threats out there. To learn more, reach out to us at 1-855-405-8889.

A Glimpse Into What Compliance Looks Like for Businesses

Apr 7, 2025 | ,

It’s easy to see all the reasons why you should make data regulations and compliance a priority. After all, you want to ensure you don’t violate the trust and security of your customers, as well as the integrity of your operations. If you make even one mistake, it...

AI Search Isn’t There Yet

Apr 4, 2025 | ,

People do this all the time: if they don’t know an answer, they just make something up that sounds right. It turns out AI has the same bad habit. A Study Put AI Search to the Test, and It Did Not Go Well Researchers at the Tow Center for Digital Journalism (part of...

Remote Work Is Great, but There Are Some Pitfalls

Apr 2, 2025 | ,

Do you have employees working remotely? If you do, the real question is, are you doing everything you can to keep them productive and secure? Remote work is awesome, but it comes with its fair share of risks. Today, we get into how to competently confront them. Remote...

Hiring IT is Hard (Here’s How to Make It Easier)

Mar 28, 2025 | ,

Do you have someone on your staff who can handle most IT-related issues for your business? If not, we’re sure your organization feels it in more ways than one. The issues that come from not having IT help are only made more frustrating when it comes time to find IT...

Let’s Take the Lid Off of CAPTCHA

Mar 21, 2025 | ,

We've officially reached the point where humans have to prove they're, well, human just to access websites. One of the most common ways to do this? CAPTCHA. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It might sound...

Automation Isn’t Always the Best Business Option

Mar 17, 2025 | ,

Automation makes sense from an operations standpoint, and people see this despite the many who advocate for scaling back to save jobs. For every task that can be completed, however, less than half can be automated. When you consider all the tasks that a human might be...

More Reading from Industry Insights:

AI Search Isn’t There Yet

by | Apr 4, 2025 | ,

People do this all the time: if they don’t know an answer, they just make something up that sounds right. It turns out AI has the same bad habit. A Study Put AI Search to the Test, and It Did Not Go Well Researchers at the Tow Center for Digital Journalism (part of...

Hiring IT is Hard (Here’s How to Make It Easier)

by | Mar 28, 2025 | ,

Do you have someone on your staff who can handle most IT-related issues for your business? If not, we’re sure your organization feels it in more ways than one. The issues that come from not having IT help are only made more frustrating when it comes time to find IT...