VPN Users Beware: Hackers are actively using brute force dictionary attacks on networks accessible by VPN.
Symptoms/User Impact: User accounts may get locked out or experience difficulty in connecting remotely via VPN.
What To Do Now:
• Restrict user VPN access to only those users that need it.
• Ensure Multi-Factor Authentication (MFA) is in place for all VPN users.
• If you do NOT have MFA for VPN already in place, you are at significant risk.
• Remind your users NOT to approve an MFA request that they did not initiate!
• Implement geo-blocking on inbound VPN access and where possible, disable any web-browser based VPN access.
Contact IT Radix if you would like us to implement these measures for you.
• Please remind users to report anything suspicious and keep a watchful eye for unusual activity.
We are carefully monitoring updates from Microsoft and our Threat Intelligence feeds.
Call us for additional help and advice.
_______________________________________________________
More gory tech info: What is a dictionary attack?
A dictionary attack is a method of breaking into a password-protected computer, network or other IT source by systematically entering every word in a dictionary, or word list, as a password.
_______________________________________________________
Read more details about this type of attack here in IT Radix’s Threat Intelligence Report.