A week-long brute force attack campaign by malicious actors has reached huge proportions, according to a non-profit security organization.
The Shadowserver Foundation reports that the campaign, which has been underway since January, involves as many as 2.8 million IP addresses daily, aimed at VPN devices, firewalls and gateways from vendors such as Palo Alto Networks, Ivanti and SonicWall.
“The recent spate of brute force attacks reported by the security devices reported by Shadowserver is a serious concern for cyber security teams,” says Brent Maynard, senior director for security technology and strategy at Akamai Technologies, a content delivery network service provider in Cambridge, Mass.
“What makes this attack stand out is both the scale – millions of unique IPs that try to access daily – and the fact that it strikes critical security infrastructure such as firewalls, VPNs and safe gateways,” Maynard told TechNewsWorld.
“It’s not just any devices. It is the leading defense that protects organizations from external threats. If an attacker gets control of them, their security controls can be completely bypassed, leading to data offenses, spying or even destructive attacks.”
In a brute force attack, waves of passwords and usernames inundate a login target in an attempt to discover valid login credentials. Compromised devices can be used for data theft, botnet integration or illegal network access.
Massive botnet threat is increasing
“This type of botnet activity is not new. However, the scale is alarming,” said Thomas Richards, a network and red team practice director at Black Duck Software, an application safety business in Burlington, Mass.
“Depending on the type of device that is in jeopardy, the attackers can use their access to deactivate internet access to the organization, disrupt networks that communicate or facilitate their own access within the network,” Richards told TechNewsWorld. “The attack, even if it is not successful in obtaining access to the devices, can do damage by trying too many login attempts and excluding valid accounts.”
Patrick Tiquet, vice president for safety and architecture at Keeper Security, a Chicago-based password management and online storage business, explained that brute force attacks are significant because they exploit weak or reused passwords, one of the most persistent vulnerabilities in cyber security.
“Apart from immediate loss of data, these offenses can disrupt operations, damage the reputation of an organization and erode the trust of clients, which leads to long-term consequences for financial and security,” he told TechNewsWorld.
Erich Kron, a lawyer for safety awareness at KnowBe4, a provider of safety awareness training in Clearwater, Florida, added that the source of these attacks is spread across millions of smaller devices around the world, making them extremely difficult to defend against.
“Many consumers have old and outdated devices in their homes connected to the Internet,” Kron told TechNewsWorld. “These vulnerable devices are exploited and used to drive cyber attacks like this.”
“Traditional approaches such as geoblocking and the not of large blocks of IP addresses can actually block legal web traffic, which costs some organizations sales and seems to be potential customers,” he said.
Credential-based attacks overwhelm the defense
Kris Bondi, CEO and co-founder of Mimoto, a threat detection and response company in San Francisco, argued that the campaign exposed by Shadowserver emphasizes the vulnerability of credentials, even in security and infrastructure organizations.
“Brute force attacks are automatically automated, so they are implemented on scale,” Bondi told TechNewsWorld. “It’s not a question whether they can come in with this approach. The question is how many times the organization will be penetrated in this way, and the security team will know when it happens.”
Maynard of Akamai explained: “Attackers no longer have to sit on a keyboard and guess passwords. They deploy massive botnets that can test thousands of credentials within minutes.”
“Using an attack called password spray, attackers can use a well-known username or email address and connect it with tens of thousands of the most common passwords with software that will then try to log in to different exposed devices,” Kron of KnowBe4 added. “With a few million devices available to try to make these sign-ups, the success rate is high.”
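The detection side of the distributed guessing described above, as an added example that is not part of the original article: when each source address makes only a couple of attempts, a per-IP failure threshold stays silent, while counting distinct sources per targeted account inside a time window flags the campaign. The log format, thresholds and all sample values are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format (an assumption, not any vendor's real format).
LINE = re.compile(r"^(\S+) \S+ login_failed user=(\S+) src=(\S+)$")

def parse(lines):
    """Yield (timestamp, user, source IP) for each failed-login line."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)

def noisy_ips(lines, per_ip_limit=5):
    """Classic per-source rule: IPs with more than per_ip_limit failures."""
    counts = defaultdict(int)
    for _, _, ip in parse(lines):
        counts[ip] += 1
    return {ip for ip, n in counts.items() if n > per_ip_limit}

def sprayed_accounts(lines, window=timedelta(minutes=10), min_ips=20):
    """Accounts failing from >= min_ips distinct sources in one sliding window."""
    recent = defaultdict(deque)   # user -> (timestamp, ip) pairs still in window
    flagged = {}                  # user -> peak count of distinct sources
    for ts, user, ip in sorted(parse(lines)):
        q = recent[user]
        q.append((ts, ip))
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = len({src for _, src in q})
        if distinct >= min_ips:
            flagged[user] = max(flagged.get(user, 0), distinct)
    return flagged

def sample_log():
    """Constructed: 30 sources hit 'admin' twice each; one user mistypes 3 times."""
    base = datetime(2025, 2, 10, 8, 0, 0)
    lines = []
    for i in range(60):
        ts = (base + timedelta(seconds=5 * i)).isoformat()
        lines.append(f"{ts} vpn-gw login_failed user=admin src=198.51.100.{i % 30 + 1}")
    for i in range(3):
        ts = (base + timedelta(seconds=20 * i)).isoformat()
        lines.append(f"{ts} vpn-gw login_failed user=jsmith src=192.0.2.77")
    return lines

if __name__ == "__main__":
    print(noisy_ips(sample_log()), sprayed_accounts(sample_log()))
```

On the constructed sample the per-IP rule returns nothing, while the per-account rule reports `admin` with 30 distinct sources and ignores the user who simply mistyped a password.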
Bondi noted that the number and size of the brute force attacks are increasing. “Automation and generative AI made it easier to implement this kind of attack,” she said.
“They hit the great vulnerability that represented credentials,” she continued. “The attackers know that if they send enough attacks, a percentage will come through. Meanwhile, security teams have been overwhelmed and cannot address all the attacks in real time, especially without additional context.”
The explosion of Internet-linked devices and the ongoing use of poor credentials also contribute to increased brute force attacks.
“With remote work, smart devices and cloud adoption, more organizations trust in edge security devices that need to be accessible from the Internet,” Maynard said. “It makes them natural targets.”
“Despite years of warnings,” he added, “many companies still use standard or poor passwords, especially on infrastructure devices.”
AI’s role in the defense and prevention of cyber attacks
While artificial intelligence contributes to the increase in brute force attacks, it can also help defend against them. “AI has the potential to be a game changer in defense against brute force and faith attacks,” Maynard said.
He noted that security teams use AI-driven solutions to detect anomalies, analyze behavior and automate reactions to attacks.
“AI is very good at seeing deviations and patterns. Therefore, AI can be very helpful in looking at attempted reports, finding a pattern and hopefully suggesting ways to filter traffic,” Kron explained.
Jason Soroko, senior vice president of product at Sectigo, a global digital certification provider, acknowledged that AI defense could help by detecting anomalous login patterns and accelerating suspicious activities, but advised that strong verification be prioritized first.
“While strong verification identity management on scale and digital certificates and other strong asymmetrical form factors, they need provision and life cycle management, but it can produce very strong safety benefits,” Soroko told TechNewsWorld.
However, Bondi predicted that AI would eventually vacate the need for credentials. “AI makes it possible to combine the detection of anomaly with advanced pattern adjustment to recognize specific people, not credentials, with considerably lower rates of false positives,” she said.
AI can also help provide context with warnings, which allows security teams to prioritize faster and respond faster to true warnings while reducing false positives, she added.
“It is expected that AI will also be able to help predict the intent in the near future based on specific actions and techniques of an attack,” Bondi observed. “Although LLMs are not yet capable of this, they may be within a few quarters.”