Cybersecurity company GreyNoise has detected a targeted campaign aimed at attacking VPN infrastructure around the globe. The attacks are using the “password spraying” method, which can lead to access across thousands of terminals if successful. Unlike brute force attacks, password spraying can gain access to far more computer systems in a much shorter span of time.
Targeted attacks against corporate VPN systems
The attacks, originating mostly from Germany, are targeting VPN infrastructure located in the United States, Mexico, and Pakistan. Over 10,000 unique IP addresses are being used, and the targets are corporate VPN networks. GreyNoise detected over 1.7 million sessions taking place in a 16-hour period, attempting to gain access.
The aim is to gain access to as many employee accounts as possible. This allows the attackers to impersonate said employees, and potentially engage in corporate espionage or sabotage. It also leaves intellectual property vulnerable to theft. If part of a broader campaign, or targeting companies affiliated with governments, such attacks can be a serious matter of national security as well.
Password spraying instead of brute force
GreyNoise detected an unusually high number of unique IDs. | Image credit — GreyNoise
This attack is using the strategy known as password spraying, instead of the brute force attacks that are often expected in such cases. When brute forcing their way into a system, attackers only target a handful of systems, and then spend a long time trying hundreds of thousands, if not millions of different password combinations.
Meanwhile, password spraying is when attackers target a large number of computers, only trying common passwords before moving on to the next target. This can actually be a very successful method, as many people use very simple passwords on their personal and work computers. In fact, the U.S. government has had its most sensitive systems breached in the past due to password spraying attacks.
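The difference described above is visible in failed-login records, so the following is an added detection sketch (not from GreyNoise or the original article) that labels each time window as a spray or a brute force attempt. The thresholds, window length, function names and sample events are all assumptions made for illustration; counts are aggregated across source IPs because the campaign above used thousands of them.

```python
from collections import Counter, defaultdict

WINDOW = 3600  # seconds per analysis window (assumed value)

def classify_window(events, many_accounts=20, low_tries=3, high_tries=100):
    """Label one window of failed logins, aggregated across all source IPs.

    Thresholds are illustrative assumptions; tune them against a baseline.
    """
    per_account = Counter(user for _ip, user, _ts in events)
    per_source = Counter(ip for ip, _user, _ts in events)
    tries = sorted(per_account.values())
    median = tries[len(tries) // 2]
    if len(per_account) >= many_accounts and median <= low_tries:
        verdict = "password-spray"   # wide and shallow: many accounts, few tries each
    elif tries[-1] >= high_tries:
        verdict = "brute-force"      # narrow and deep: one account, many tries
    else:
        verdict = "normal"
    return {
        "verdict": verdict,
        "accounts": len(per_account),
        "sources": len(per_source),
        "max_per_account": tries[-1],
        "max_per_source": max(per_source.values()),
    }

def analyze(events):
    """Bucket (source_ip, username, timestamp) failures into windows and label each."""
    windows = defaultdict(list)
    for event in events:
        windows[event[2] // WINDOW].append(event)
    return {w: classify_window(evs) for w, evs in sorted(windows.items())}

# Constructed sample data: documentation-range IPs and made-up usernames.
SAMPLE = (
    [(f"203.0.113.{i}", f"user{i:02d}", i * 60) for i in range(1, 41)]
    + [("198.51.100.7", "jsmith", 3600 + i) for i in range(500)]
    + [("192.0.2.10", "alice", 7300), ("192.0.2.10", "alice", 7320),
       ("192.0.2.11", "bob", 8000)]
)

if __name__ == "__main__":
    for window, report in analyze(SAMPLE).items():
        print(window, report)
```

In the constructed spray window no account and no source IP fails more than once, so a per-account lockout or per-IP rate limit alone would never trigger; only the aggregate view shows the pattern.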
Should you worry?
Though this attack is aimed at corporate VPN systems instead of personal ones, it never hurts to be a little more careful. For example, not using common passwords on your systems is a good practice in general. Even if they’re not being reported on right now, you can bet that there are multiple similar attacks happening against personal computer systems as we speak.
Using a VPN for browsing the internet can also keep you better protected, as all of your data becomes unreadable for anyone trying to snoop.
Abdullah loves smartphones, Virtual Reality, and audio gear. Though he covers a wide range of news, his favorite is always when he gets to talk about the newest VR venture or when Apple sets the industry ablaze with another phenomenal release.