The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks, noting that it is aware of a high volume of such attacks targeting Australian organizations. Password spraying is a type of brute-force attack in which a malicious actor tries a single password against many targeted user accounts before moving on to a second password, and so on. Because each account sees only occasional failed attempts, this technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts. The advisory's recommendations for detecting and mitigating this kind of activity include watching for a high number of account lockouts and implementing multifactor authentication on all external access systems. The advisory also encourages Australian organizations to report successful incidents of password spraying via cyber.gov.au/report. Read the advisory at ACSC.
In light of the ACSC advisory, the U.S. National Cybersecurity and Communications Integration Center (NCCIC) encourages its partners to review tips for Choosing and Protecting Passwords and Supplementing Passwords.
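A detection sketch for the pattern described above, added here as an illustration and not taken from the ACSC advisory: it flags any source whose failed logins touch many distinct accounts while each account sees only a few attempts. The event format, the `detect_spray` name and the thresholds are assumptions to tune against your own authentication logs.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, username, outcome).
USERS = ["alice", "bob", "carol", "dave", "erin", "frank"]
SAMPLE_EVENTS = (
    # One source tries password #1 on every account, then password #2 later.
    [(f"2024-01-15T09:00:{5*i+5:02d}", "203.0.113.7", u, "FAIL") for i, u in enumerate(USERS)]
    + [(f"2024-01-15T09:20:{5*i+5:02d}", "203.0.113.7", u, "FAIL") for i, u in enumerate(USERS)]
    # A single user mistyping a password, then succeeding: not spraying.
    + [(f"2024-01-15T09:05:{10*i:02d}", "198.51.100.9", "bob", "FAIL") for i in range(4)]
    + [("2024-01-15T09:06:00", "198.51.100.9", "bob", "OK")]
)

def detect_spray(events, window=timedelta(minutes=30),
                 min_accounts=5, max_per_account=2):
    """Return {source: sorted accounts} for sources whose failed logins,
    inside some sliding `window`, hit at least `min_accounts` distinct
    accounts with no account exceeding `max_per_account` attempts."""
    by_source = defaultdict(list)
    for ts, src, user, outcome in events:
        if outcome == "FAIL":
            by_source[src].append((datetime.fromisoformat(ts), user))

    flagged = defaultdict(set)
    for src, fails in by_source.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            # Shrink the window from the left until it spans <= `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            counts = defaultdict(int)
            for _, user in fails[start:end + 1]:
                counts[user] += 1
            # Wide (many accounts) but shallow (few tries each) = spray shape.
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                flagged[src].update(counts)
    return {src: sorted(users) for src, users in flagged.items()}

if __name__ == "__main__":
    for src, users in detect_spray(SAMPLE_EVENTS).items():
        print(f"possible password spray from {src}: {len(users)} accounts {users}")
```

A window shorter than the actor's pacing misses the activity, so size `window` against the lockout observation period rather than against per-minute failure rates.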