When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across multiple platforms. It is not just a matter of getting into the company’s systems, but also one of national security.
This week, Microsoft shared research “that it is likely” that Iranian-backed hackers launched attacks against more than 250 U.S. and Israeli defense contractors and global maritime companies through Office 365 accounts, and were successful 20 times.
The Iranian-backed hackers used a “password spraying” techniques, that is, rapidly spraying the account with compromised passwords to see if one will work. It is disappointing to see how often this technique works to access an account. The reason why it works is because employees are using the same password across different platforms, which the hackers know, and when a password is compromised and sold on the dark web, they know where and when to use it, with devastating consequences.
Microsoft predicts that Iran and its hackers will continue this activity, particularly against defense contractors and the shipping and maritime industries.
Educate your employees on how important their passphrases are to company data and national security as foreign adversaries are using these easy techniques to gain valuable company data as well as data important to national security.