Since brute force capabilities allow access to protected data like account credentials, using multi-factor authentication is one way of mitigating such a cyber attack. Intelligence and security agencies from the United States of America and the United Kingdom claimed that Russia conducted cyberattacks to compromise enterprise and cloud environments including that of Microsoft from mid-2019 through early 2021. Since then, Russia has denied the claims published in a report by the USA's National Security Agency and others. The report "Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments" said that since at least mid-2019 through early 2021, the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, used a Kubernetes cluster to conduct brute force access attempts against hundreds of government and private sector targets all over the world. The attacks were perpetrated by using Microsoft Office 365 cloud services, but the report added that it also targeted other service providers. The other investigating agencies involved in the fabrication of the report were the USA's Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the United Kingdom's National Cyber Security Centre. How do such cyber attacks happen? This brute force capability would allow the 85th GTsSS actors to access protected data, including email, and identify valid account credentials. These credentials may have then been used for access, persistence, privilege escalation, and defence evasion. The actors could have exploited publicly known vulnerabilities, such as exploiting Microsoft Exchange servers…
