In part I of the blog, we talked about what are automated attacks and how they are a looming threat to businesses today.

With hackers starting to take advantage of the lack of defences for automated attacks, it is critical to understand how and what the hackers are doing.

An automated attack can take many forms, however they are most commonly used for stealing credentials and finding vulnerabilities. The former scenario involves using techniques such as, Credential Stuffing.

Credential Stuffing is when an attacker writes a script designed to test specific usernames and passwords against a website. The username and password list will often be a consolidation of stolen databases from other websites.

This means that all it takes for an account to be compromised is for a user to repeat a password they have used elsewhere on the web, which is highly likely!

A second technique is the use of vulnerability scanners and can be equally as dangerous. For example, when the ‘Shell Shock’ bug was released 2 years ago, hours after the announcement there were scripts trawling the internet running test commands against every single IP address that they could find. This lead to a tremendous success rate for all of the attackers and allowed them to compromise the security of many websites.

These types of attacks are causing costly damage in the enterprise, this means that a reactive defence approach is no longer sufficient. By the time they are detected, the attacker has been successful. This means that we need security solutions that proactively stop threats before any damage can be done!

http://www.vmtech.com.au/blog/automated-attacks-part-ii/