Security News > 2020 > May > Healthcare organizations targeted with password spraying attacks
Malicious campaigns are using password spraying as a type of brute-force attack to find weak passwords at healthcare and medical facilities.
Specific attacks against healthcare providers detected by security agencies in the UK and US are using password spraying to compromise accounts with weak passwords.
In a report issued Tuesday, both the UK's National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency warned about a new wave of large-scale password spraying campaigns directed at healthcare and medical organizations.
To help protect hospitals and medical facilities from password spraying attacks, the two security agencies are advising workers to change any passwords that could be reasonably guessed to one created with three random words.
Configure protective monitoring over externally reachable authentication endpoints to look for password spraying attacks.