
How Periculo Helps Businesses Prevent Brute Force Attacks with ISO 27001

Author: Jack White

Maintaining your Cyber Security Posture Day to Day

A managed service customer looking to maintain their ISO27001 certification entrusts us with daily log checks to monitor their ongoing security posture. With the monotony of reviewing the same logs day after day, it can be hard to remain vigilant, but this is a vital part of being a secure, professional organisation. The challenge lies not only in detecting new threats but also in recognising subtle changes in patterns that could indicate an evolving security incident.

What Could Go Wrong?

Our client began to experience a small number of failed sign-in attempts from suspicious IP addresses across the globe. These incidents were sporadic at first, making it easy to overlook them—especially with the assurance that their cloud service provider would block sign-in attempts from known malicious IP addresses. However, the situation quickly escalated. Within a few days, we observed a dramatic rise in the number of these sign-in attempts, jumping from a few per day to hundreds within a few hours.

The client was under a brute force attack. In this context, a brute force attack involves an attacker systematically trying multiple combinations of usernames and passwords until they successfully gain unauthorised access to an account. While their cloud service provider could block attempts from known malicious IP addresses, a deeper analysis of the error codes showed that some attempts were failing simply because the password was incorrect, meaning they had bypassed that security control. This suggests that attackers might be using automated tools to guess passwords from a wide variety of different IP addresses. Given enough time, an attacker could potentially guess a correct password, giving them access to sensitive data.

How Can We Stop This?

There are several steps that you can take to protect yourself from brute force attacks and similar threats:

How Did Things Improve for the Client?

After identifying which accounts were being used for the attempted sign-ins, we discovered that they were old, unused accounts. These accounts were subsequently deleted as they were no longer required, prompting a more thorough cleanup and review of all user accounts. This simple action significantly reduced the risk of similar incidents in the future.

A comprehensive review of the cloud service provider’s rules and policies was also conducted. The client introduced a limit on the number of failed login attempts before an account is disabled, providing greater assurance that such an issue would be less likely to occur again.

Finally, daily log checks improved as well. Without hundreds of failed login attempts cluttering the logs, it became easier to spot other anomalies and respond to them more effectively.

How Can You Help Yourself?

While having a managed security provider is invaluable, organisations can take meaningful steps on their own to improve their cybersecurity posture:

What do the regulators say about daily log checks?

Notwithstanding the obvious benefits of keeping your organisation safe from attackers, numerous security standards require you to maintain regular log checks. These can come in many formats, but all recommend the implementation of automated checks which can help keep you safe and alert you when an incident occurs.
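As an added illustration (not Periculo's or the client's tooling), the automated check below flags the pattern from the incident above: a burst of wrong-password failures against one account, spread across many source IPs, counted separately from attempts the provider already blocked. The log format, the result labels, the account names and the thresholds are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, account, source IP, result. The result
# labels are hypothetical stand-ins for a provider's sign-in error codes.
SAMPLE_LOG = "\n".join(
    ["2024-05-01T08:15:00 alice 192.0.2.10 BAD_PASSWORD",
     "2024-05-01T08:16:00 alice 192.0.2.10 SUCCESS",
     "2024-05-01T09:00:00 old.svc 203.0.113.9 BLOCKED_IP"]
    + [f"2024-05-01T10:{m:02d}:00 old.svc 198.51.100.{m} BAD_PASSWORD"
       for m in range(1, 7)]
)

def parse(log):
    """Yield (timestamp, account, ip, result) from whitespace-separated lines."""
    for line in log.strip().splitlines():
        ts, account, ip, result = line.split()
        yield datetime.fromisoformat(ts), account, ip, result

def find_bruteforce(log, window=timedelta(hours=1), threshold=5, min_ips=3):
    """Flag accounts with a burst of wrong-password failures spread over
    several source IPs, i.e. attempts the IP block list did not stop."""
    failures, blocked, succeeded = defaultdict(list), defaultdict(int), set()
    for ts, account, ip, result in parse(log):
        if result == "BAD_PASSWORD":
            failures[account].append((ts, ip))
        elif result == "BLOCKED_IP":
            blocked[account] += 1
        elif result == "SUCCESS":
            succeeded.add(account)
    alerts = {}
    for account, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until the burst fits in `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            burst = events[start:end + 1]
            ips = {ip for _, ip in burst}
            worst = alerts.get(account, {}).get("failures", 0)
            if len(burst) >= threshold and len(ips) >= min_ips and len(burst) > worst:
                alerts[account] = {
                    "failures": len(burst),
                    "distinct_ips": len(ips),
                    "blocked_by_provider": blocked[account],
                    "any_success": account in succeeded,  # False: review as stale
                }
    return alerts
```

On the constructed sample, `find_bruteforce(SAMPLE_LOG)` flags only `old.svc`, an account with no successful sign-in in the log, which is the kind of unused account the clean-up described earlier removed.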

How Can We Help?

At Periculo, we help organisations like yours enhance their security posture and align with internationally recognised standards. Whether you're seeking to achieve a specific certification like ISO27001, Cyber Essentials, SOC 2 or simply want to strengthen your overall security approach, our expert team can provide tailored solutions to meet your needs. We believe in empowering organisations to take control of their cybersecurity — because when it comes to security, proactive prevention is always better than reactive response.
