VPN Users Beware: Hackers are actively using brute force dictionary attacks on networks accessible by VPN. Symptoms/User Impact: User accounts may get locked out or experience difficulty in connecting remotely via VPN. What To Do Now: • Restrict user VPN access to only those users that need it. • Ensure Multi-Factor Authentication (MFA) is in place for all VPN users. • If you do NOT have MFA for VPN already in place, you are at significant risk. • Remind your users NOT to approve an MFA request that they did not initiate! • Implement geo-blocking on inbound VPN access and where possible, disable any web-browser based VPN access. Contact IT Radix if you would like us to implement these measures for you. • Please remind users to report anything suspicious and keep a watchful eye for unusual activity. We are carefully monitoring updates from Microsoft and our Threat Intelligence feeds.

Call us for additional help and advice.

_______________________________________________________

More gory tech info: What is a dictionary attack?

A dictionary attack is a method of breaking into a password-protected computer, network or other IT source by systematically entering every word in a dictionary, or word list, as a password.

_______________________________________________________

Read more details about this type of attack here in IT Radix’s Threat Intelligence Report.