BLOG

Brute Force

What is BruteForce attack and how to prevent

What Is A Brute Force Attack?

In the world of Cyber crimes, brute force attack is an activity which involves repetitive successive attempts of trying various password combinations to break into any website. This attempt is carried out vigorously by the hackers who also make use of bots they have installed maliciously in other computers to boost the computing power required to run such type of attacks.

How Brute Force Attacks Work
  1. An attacker decides on their intended target: either an encrypted file that has been stolen (offline) or a login page (online).
  2. They use a computer program that’s configured to attempt entry by trying usernames, along with millions of password combinations. (They may also attempt one password with many usernames.)
  3. Once the correct username and password combination is found, the attacker is able to access the secure data.
Example of a Brute Force Attack

Back in 2013, several GitHub users were notified about potentially being a victim of a brute force cyber attack that happened on the site. Many users had weak passwords that led to the site being targeted and ultimately letting sensitive data get into the hands of outsiders. GitHub notified users that they would be forced to change their passwords and use more secure combinations.

During this incident, the attackers used over 40,000 unique IP addresses that made it easier for them to fly under the radar. This attack was done slowly on purpose in order to not raise any alarm to GitHub security.

How Can I Prevent It?

  • Password Length.
  • Password Complexity.
  • Limit Login Attempts.
  • Modifying .htaccess file.
  • Using Captcha.
  • Two Factor Authentication.
  • Cloudflare.
Written by Tamer Heib – Cyber Content Writer at Cyberetic

Brute Force Attack

In the world of Cyber crimes, brute force attack is an activity which involves repetitive successive attempts of trying various password combinations to break into any website…

Read More »