Step 1 – Acquire a login list
Attackers gather the required information from email IDs (firstname.lastname@company.com), online profiles, data compiled from past security breaches, etc.
Step 2 – Spray passwords
Using online publications, attackers gather information on commonly used passwords. They select one password and try it against the entire list of accounts. If the attempt is not successful, they wait 30 minutes to avoid triggering a timeout and then try the next password.
Step 3 – Gain access
Once a password works against one of the accounts, attackers gain access to that user's cloud resources, accounts, networks and systems.
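On the defending side, Steps 2 and 3 leave a recognizable trace in authentication logs: one source failing against many accounts with only one or two tries each, repeated in paced rounds, sometimes ending in a success. The sketch below is an added example, not part of the original page; the event layout, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ts(hhmm):
    return datetime.strptime("2024-01-01 " + hhmm, "%Y-%m-%d %H:%M")

# Constructed sample events: (timestamp, source_ip, username, success).
# The field layout is assumed; addresses come from documentation ranges.
USERS = ["a.ito", "b.khan", "c.diaz", "d.roy", "e.lund", "f.park"]
SAMPLE = (
    [(ts("09:00"), "203.0.113.7", u, False) for u in USERS]             # round 1
    + [(ts("09:30"), "203.0.113.7", u, u == "d.roy") for u in USERS]    # round 2
    + [(ts("09:05"), "198.51.100.4", "a.ito", False)] * 4               # one user mistyping
)

def detect_spray(events, window=timedelta(minutes=5),
                 min_accounts=5, max_per_account=2):
    """Flag sources whose login bursts touch many accounts, few tries each.

    Thresholds are illustrative assumptions, not recommended values.
    Returns {source_ip: {"rounds": [burst start times], "compromised": [users]}}.
    """
    by_src = defaultdict(list)
    for ev in sorted(events):                 # time order within each source
        by_src[ev[1]].append(ev)
    findings = {}
    for src, evs in by_src.items():
        rounds, hits, i = [], set(), 0
        while i < len(evs):
            # A burst is every event within `window` of the burst's first event.
            burst = [e for e in evs[i:] if e[0] - evs[i][0] <= window]
            per_account = defaultdict(int)
            for _, _, user, _ in burst:
                per_account[user] += 1
            # Wide and shallow = spray; narrow and deep = brute force or typos.
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account):
                rounds.append(evs[i][0])
                # A success inside a spray round marks an account to reset.
                hits.update(user for _, _, user, ok in burst if ok)
            i += len(burst)
        if rounds:
            findings[src] = {"rounds": rounds, "compromised": sorted(hits)}
    return findings

if __name__ == "__main__":
    print(detect_spray(SAMPLE))
```

Thresholds need tuning against normal traffic, since a shared NAT gateway or VPN exit also shows many accounts from one address.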