Microsoft Confirms Password Spraying Attack — What You Need To Know

With a billion stolen passwords up for sale on dark web criminal marketplaces, and infostealer malware attacks continuing to add to that number, it’s no wonder that cybercriminals are turning to automatic password hacking machines in their nefarious campaigns. Microsoft has issued a warning of a new password spraying attack by a hacking group identified only as Storm-1977 that is targeting cloud tenants.

Beware This Password Spraying Attack, Microsoft Warns

The Microsoft Threat Intelligence team has published a new warning after observing hackers taking particular advantage of unsecured workload identities in order to gain access to containerized environments. With Microsoft research showing that 51% of such workload identities were completely inactive over the past year, it’s no wonder that threat actors are exploiting this attack surface. The password spraying attack used a command line interface tool called AzureChecker to “download AES-encrypted data that when decrypted reveals the list of password spray targets,” the report said.

How the Attack Works

The password spraying attack, which specifically targeted cloud tenants in the education sector, has now been pinned on the Storm-1977 threat group. The attack enabled the Storm-1977 hackers to leverage a guest account to create a resource group within the compromised subscription and, ultimately, more than 200 containers that were used for cryptomining. The successful attack was made possible by the use of a command line interface tool called AzureChecker, which was used to download AES-encrypted data that contained the list of password spray targets.

How to Mitigate Password Spraying Attacks in General

Talk to just about any cybersecurity professional, and the solution to the problem of password spraying attacks is simple: eliminate passwords. Passwords are no longer enough to keep us safe online. The move towards a passwordless future has already begun for many as they start on the passkey journey. Chris Burton, head of professional services at Pentest People, says that “where possible, we should be using passkeys, they’re far more secure, even if adoption is still patchy.” Lorri Janssen-Anessi, director of external cyber assessments at BlueVoyant, agrees that businesses should consider passwordless solutions, such as authentication methods using biometrics and secure tokens.

Mitigating the AzureChecker Password Spraying Container Attack Threat

Microsoft recommends the following mitigations to prevent password spraying attacks:

  • Use strong authentication when exposing sensitive interfaces to the internet.
  • Use strong authentication methods for the Kubernetes API to help prevent attackers from gaining access to the cluster even if valid credentials such as kubeconfig are obtained.
  • Avoid using the read-only endpoint of Kubelet on port 10255, which doesn’t require authentication.
  • Configure the Kubernetes role-based access controls for each user and service account to have only those permissions that are absolutely necessary.
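The kubelet and RBAC items above can be checked mechanically. The following is an added example, not code from Microsoft or the original article: a small audit over the kubelet's effective configuration and over RBAC objects exported as JSON. The sample inputs and the role and binding names are constructed for illustration.

```python
import json

# Constructed sample: effective kubelet configuration as JSON (assumed input).
SAMPLE_KUBELET = json.loads("""{"readOnlyPort": 10255,
  "authentication": {"anonymous": {"enabled": true}},
  "authorization": {"mode": "AlwaysAllow"}}""")

# Constructed sample: items shaped like `kubectl get clusterroles,clusterrolebindings -o json`.
SAMPLE_RBAC = json.loads("""[
 {"kind": "ClusterRole", "metadata": {"name": "ci-deployer"},
  "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
 {"kind": "ClusterRole", "metadata": {"name": "pod-reader"},
  "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "build-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "default", "namespace": "batch"}]}
]""")

def audit_kubelet(cfg):
    """Flag kubelet settings that permit unauthenticated access."""
    findings = []
    if cfg.get("readOnlyPort", 0) != 0:  # 0 disables the read-only endpoint
        findings.append(f"readOnlyPort={cfg['readOnlyPort']}: set to 0")
    if cfg.get("authentication", {}).get("anonymous", {}).get("enabled"):
        findings.append("authentication.anonymous.enabled=true: set to false")
    if cfg.get("authorization", {}).get("mode") == "AlwaysAllow":
        findings.append("authorization.mode=AlwaysAllow: use Webhook")
    return findings

def audit_rbac(items):
    """Flag wildcard roles and service accounts bound to cluster-admin."""
    findings = []
    for obj in items:
        kind, name = obj["kind"], obj["metadata"]["name"]
        if kind in ("Role", "ClusterRole"):
            if any("*" in r.get("verbs", []) or "*" in r.get("resources", [])
                   for r in obj.get("rules") or []):
                findings.append(f"{kind}/{name}: wildcard verbs or resources")
        elif kind.endswith("RoleBinding") and obj["roleRef"]["name"] == "cluster-admin":
            for s in obj.get("subjects") or []:
                if s["kind"] == "ServiceAccount":
                    findings.append(f"{kind}/{name}: cluster-admin for "
                                    f"ServiceAccount {s.get('namespace')}/{s['name']}")
    return findings

if __name__ == "__main__":
    for finding in audit_kubelet(SAMPLE_KUBELET) + audit_rbac(SAMPLE_RBAC):
        print("FINDING:", finding)
```

On a real cluster the built-in cluster-admin role will itself be reported as a wildcard role; the findings to act on are custom roles and the bindings that hand cluster-admin to service accounts.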

Conclusion

The Microsoft password spraying attack warning should tell us that password reuse is bad, and compromised passwords can be used to facilitate further hacking activity. Credential stuffing is something that isn’t going to go away, and newer threats are only accelerating this risk. It’s time to consider passwordless solutions, such as passkeys, biometrics, and secure tokens, to keep our online accounts secure.

FAQs

  • What is a password spraying attack?
    A password spraying attack is a type of cyber attack where hackers use automated tools to try a large number of passwords against a targeted system or account.
  • How can I prevent password spraying attacks?
    To prevent password spraying attacks, use strong authentication methods, such as passkeys, biometrics, and secure tokens, and avoid using weak passwords or reusing passwords across multiple accounts.
  • What is the risk of password spraying attacks?
    The risk of password spraying attacks is that they can lead to unauthorized access to sensitive systems and data, and can be used to facilitate further hacking activity, such as cryptomining or data theft.
  • How can I protect my cloud tenants from password spraying attacks?
    To protect your cloud tenants from password spraying attacks, use strong authentication methods, such as Azure Active Directory, and configure role-based access controls to limit access to sensitive resources.
  • What is the future of password security?
    The future of password security is likely to involve a move towards passwordless solutions, such as passkeys, biometrics, and secure tokens, which can provide stronger and more convenient authentication methods.