Rainbow Table Attack
Whenever a password is stored on the system, it is usually encrypted with a “hash” or cryptographic alias, making it impossible to determine the original password without a corresponding hash.
To get around this, hackers maintain and share directories that contain passwords and their corresponding hashes, often derived from previous breaches, reducing the time it takes to compromise a system used for brute force attacks.
Rainbow tables go even further as they don’t just provide the password and its hash, but store a precompiled list of all possible text versions of encrypted passwords based on a hashing algorithm.
The hackers can then compare these lists to any encrypted passwords they find on the company’s system.
Most of the computation is done before an attack occurs, making it much easier and faster to launch an attack compared to other methods.
The downside to cybercriminals is that the sheer number of possible combinations means rainbow tables can be huge, often hundreds of gigabytes in size.