Microsoft Warns of Rise in Password Sprays On Cloud Accounts

The Microsoft Detection and Response Team (DART) recently notified the public of an increase in password spray attacks with privileged cloud accounts and high-profile identities such as C-Level Executive, which serve as popular targets for these types of attacks.

Spray attacks are a type of brute force attack in which attackers attempt to gain access to large account lists by using a small number of commonly used passwords.

DART explained in a blog post, “Over the past year, the Microsoft Detection and Response Team (DART), along with Microsoft’s threat intelligence teams, have observed an uptick in the use of password sprays as an attack vector. Recently, DART has seen an uptick in cloud administrator accounts being targeted in password spray attacks, so understanding the targets is a good place to start.”

Password spraying makes it less likely to trigger an account freeze, as they are the target of classic brute-force attacks that quickly attempt to log into a small number of accounts using an extensive password list. Therefore, DART recommended that organizations enable and enforce multi-factor authentication (MFA) across all accounts, using password-free technology to reduce the risk of such attacks.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web