Page 13 - Cyber Warnings August 2017
configured DNS server can deliver a lot of information to an attacker about the internal
configuration of systems.
Attackers are probing your organization’s outer wall for a way in and for information about
internal networks. Walk along the wall. Are you absolutely certain there are no holes and no
data leaking through them?
Attack your passwords
Your employees’ passwords are likely one of your primary vulnerabilities. We’ve all heard the
speech about strong passwords, mixing in numbers and special characters, etc. Most of what
you have probably been told is wrong. Until you’ve seen password cracking in action, you likely
have no appreciation for the capabilities of current tools and computer hardware. Here’s an
example many of us have encountered: below is a link to an infographic put out by the PCI
Security Standards Council entitled: “It’s time to change your password”:
https://www.pcisecuritystandards.org/documents/PCI-Password-Letter.pdf?agreement=true&time=1502716087229
In this infographic, nine sample passwords are shown with their respective time to crack the
password. Here’s the list of passwords:
Password          Time to Crack
burger            instantly
burger1           19 seconds
Burger1           14 minutes
123burger         7 hours
Burger123         39 days
hamburger123      37 years
Burger&fries      64,000 years
Burger&fries1     26,000,000 years
Burger123fries    98,000,000 years
Copyright © Cyber Defense Magazine, All rights reserved worldwide.