A brute force attack is when an attacker attempts to gain access to an environment by identifying valid login credentials using a combination of manual and automated processes. When executed successfully, the attacker gains access to the environment using legitimate credentials and can freely move around the environment to perform pre-attack actions (recon), establish footholds, identify vulnerabilities, and a myriad of other tasks associated with their ultimate objective.
A brute force script executes thousands of guessing attempts in a very short amount of time. There are simple scripts available on the internet, offering a low barrier to entry for the profit-minded criminal. Brute force attacks can be launched against websites, endpoints, cloud services — literally anything with a network ID and access.
Read the guide for more information on common brute force attack challenges and five steps you can take to protect your organization.