Microsoft has bolstered its credential compromise detection capabilities to better defend against password spray attacks. The solution uses machine learning to double the detection rate, while maintaining a 98% level of precision.
“Password spray is one of the most popular attacks, accounting for more than a third of account compromise in organizations,” Alex Weinert, the Director of Identity Security at Microsoft, explained in a blog post.
“In these attacks, bad actors try a few common passwords against many accounts from different organizations. Instead of trying many passwords against one user, they try to defeat lockout and detection by trying many users against one password. Effective forms of this attack are "low and slow,” where the bad actor uses thousands of IP addresses (such as from a botnet) to attack many tenants with a few common passwords. From any one tenant’s view, there are so few login attempts with such poor consistency that the attack is undetectable.”
- The best password generator for your business
- The best antivirus software available
- The best endpoint protection solution
Microsoft built the new solution within Azure Active Directory (Azure AD) by focusing on heuristic detection, tracking the pattern of a password spray attack across global traffic networks. Data scientists then started training a machine learning system based on noticeable deviations in account behaviour.
Because password spray attacks involve just one or two password attempts against each account, they are not usually detected by traditional protection solutions. Automation software like Microsoft’s new machine learning tool is increasingly required to catch the most sophisticated cyberattacks.
According to internal analysis, every day Azure AD’s machine learning and heuristic systems evaluate the risk associated with 18 billion login attempts, with around 300 million coming from malicious entities. The sheer scale of the cyber threat facing large businesses simply couldn’t be tackled manually.
- We've featured the best password managers.
- We've also highlighted the best identity management software
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.