Re: Splunk's advice for those hoping to avoid the attack is simple
I read the Reg to keep myself educated, updated, amused and sometimes! frankly horrified & incedulous at the state of the computer networks most of the world have come to rely on (me included re: banking shopping etc!) This particular report has prompted a rare reply simply because I could not initially credit that any "cloud" system would not immediately see and flag/stop any brute force password attack within "it's own system"
Then I got to "mikepren" reply that there is such a system in place called GuardDuty, so went toff to read how that works and yes seems very good, however its an extra!
So I realise that in near everything I read on here, money (or lack of!) is the cause of so many of the gaffes, BUT the vendors have some responsiibility! otherwise we would have car makers saying it has "Some braking" but if you really want it to "Stop" you will have to pay extra!
So I am left shaking my head in dismay & agree (if it at all possible) go with "Howard Sway" comment "Oh, and don't use a cloud service provider, who can't notice and quickly stop something as basic as an attempt at a brute force password attack." As in a provider who has a "Mandatory" Security checking system in place, not just one who obviously does not give a damm! other than of course to see another source of income!