JAKARTA - Not long ago, a Russian hacker group named "Midnight Blizzard" managed to hack Microsoft's corporate system and steal a number of emails and documents from staff accounts.

According to Microsoft's own statement, the hacker group used a password spray attack to infiltrate the company's system, trying the same compromised password against several related accounts.

According to Kaspersky, a password spray attack is a type of brute force attack in which bad actors try the same password on multiple accounts before moving on to other passwords.

The global cybersecurity company also stated that this type of attack is often effective, given the large number of users using simple and predictable passwords.

What is notable about this technique is that, although an account is usually locked after several failed login attempts, hackers who use password spraying can avoid triggering the account lock.

The defining feature of the technique is implied by the word "spray": attackers can target thousands or even millions of different users at once, not just one account. The process is often automated and can be spread out over time to avoid detection.
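
Because a spray stays under the per-account lockout limit, defenders usually count distinct accounts per source instead. The Python code below is an added example, not part of the original article; the events are constructed, and the thresholds, function names and documentation-range IP addresses are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def make_events():
    """Constructed sample data, not real logs: (time, source, account, success)."""
    t0 = datetime(2024, 1, 1, 9, 0)
    events = []
    # One source tries a single guess against 8 accounts, 3 minutes apart.
    for i in range(8):
        events.append((t0 + timedelta(minutes=3 * i), "198.51.100.7", f"user{i}", False))
    # A legitimate user mistypes a password twice, then logs in.
    events.append((t0, "203.0.113.20", "alice", False))
    events.append((t0 + timedelta(minutes=1), "203.0.113.20", "alice", False))
    events.append((t0 + timedelta(minutes=2), "203.0.113.20", "alice", True))
    return events

def locked_accounts(events, threshold=5):
    """Per-account lockout view: accounts with `threshold` or more failures."""
    fails = Counter(acct for _, _, acct, ok in events if not ok)
    return sorted(a for a, n in fails.items() if n >= threshold)

def spray_sources(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    """Flag sources that fail against many accounts, few tries each, within `window`.
    Returns {source: largest number of distinct accounts seen in one window}."""
    by_source = defaultdict(list)
    for ts, src, acct, ok in events:
        if not ok:
            by_source[src].append((ts, acct))
    flagged = {}
    for src, fails in by_source.items():
        fails.sort()
        start, counts = 0, Counter()
        for ts, acct in fails:
            counts[acct] += 1
            # Slide the window forward, dropping failures older than `window`.
            while ts - fails[start][0] > window:
                old = fails[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                flagged[src] = max(flagged.get(src, 0), len(counts))
    return flagged

if __name__ == "__main__":
    ev = make_events()
    print("locked by per-account rule:", locked_accounts(ev))
    print("flagged as spray sources:", spray_sources(ev))
```

Narrowing the window shows the trade-off the article mentions: attempts spread out over a longer time fall below the threshold unless the window is long enough to cover them.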

Usually, this type of attack occurs when applications or admins within an organization set a default password for new users. Although it looks very simple, this type of attack is widely used by sophisticated cybercrime groups.

In 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about state-sponsored cyber actors, listing the various tactics they use to gain access to targeted networks, including password spraying.

