Brute-force & VPN attacks on the Rise

Troy Gerrie • July 25, 2024

With the rise in remote work, the sophistication of hacking tools, and the surge in AI, brute force & VPN attacks are soaring. Since at least March 2024, there has been a global surge in brute-force attacks identified against a variety of targets including VPN services, web application authentication interfaces, and SSH services. 


Known Affected Services

  • Cisco Secure Firewall VPN 
  • Checkpoint VPN 
  • Fortinet VPN 
  • SonicWall VPN 
  • RD Web Services
  • Ubiquiti


A Virtual Private Network (VPN) is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet.


Current trends indicate that VPN attacks are not only increasing in frequency but also growing in sophistication. The rise in ransomware cases exploiting VPN vulnerabilities, especially following public disclosures, underscores the inherent weaknesses of traditional VPNs. These flaws provide attackers with easy access points to penetrate networks and move laterally, resulting in significant data breaches and operational disruptions.


Progressive organisations are shifting to zero trust architectures to achieve more detailed control and significantly minimise the attack surface. This is achieved by eliminating implicit trust, both within and outside the network perimeter. This approach tackles the immediate weaknesses of traditional VPNs and aligns with a proactive cybersecurity strategy, crucial for adapting to the changing threat landscape. 


A Brute Force Attack is a hacking technique that uses trial and error to crack passwords, login credentials, and encryption keys. The term “brute force” reflects the attackers’ relentless attempts to gain access. Hackers employ computers to test numerous username and password combinations until they find the correct one. 


↓ Downside: An attacker can eventually discover a password through a brute-force attack.


↑ Upside: By following best practices for password creation and storage, it could take years to crack. With a sufficiently long and complex password, there could be trillions of possible combinations, making it extremely difficult for attackers.


Although it is impossible to completely stop these attacks, the following best practices can significantly thwart their efforts and enhance your security posture.


  • Use Strong & Unique Passwords – passwords should be long and complex; each account should have a unique password.
  • Limit Login Attempts - Block accounts after “x” number of failed login attempts.
  • Monitor IP Addresses – Block login attempts from suspicious IP addresses.
  • Use Multifactor Authentication (MFA) – Multiple ways to identify a user is who they say they are. Something you have, something you know, something you are. EG. Password + Authenticator App code.

Recent Posts

From small town to big security, with the ASD Essential 8

May 29, 2025
Cybercrime is on the rise in New Zealand, with CERT NZ recording $6.8M in reported financial losses in Q4 2024 alone. For small-town businesses, the stakes are even higher. That’s why we have adopted the Australian Signals Directorate (ASD) Essential 8 framework to enhance its cybersecurity practices.

MCI & Associates and Yorb: A journey from support to strategy

April 10, 2025
MCI & Associates is an accountancy firm with over 45 employees across offices in Dannevirke and Pahiatua. The practice services a diverse range of clients, including those in the farming and commercial sectors, and its core services include tax preparation, business advisory and planning, and general accounting. The relationship between Yorb and MCI goes back over three decades to when both companies were in their formative stages. The trust-based relationship has endured and evolved as each business has grown and matured - going through name and ownership changes.

Cyber security in small-town NZ: why it’s time to pay attention

March 26, 2025
If you think cybercriminals only go after big corporations in major cities, think again.  The majority of incidents recorded by the NCSC impact individuals and small to medium businesses, proving that cyber threats don’t discriminate based on location - they target opportunity. With over 23,000 reports to the Netsafe helpline, and $17.8M in losses reported last year, small-town businesses are very much in the spotlight. In the past few months alone, three local accounting firms in regional New Zealand have suffered a data breach,and local ISP - Inspire was recently the target of a malicious cyber attack.