India top target of credential stuffing attacks: Report


New Delhi, Jul 15 (IANS): The media industry suffered 17 billion credential stuffing attacks between January 2018 and December 2019, while India was the most targeted country in 2019, enduring with 2.4 billion credential stuffing attacks, according to a new report from Akamai Technologies on Wednesday.

India was followed by the US at 1.4 billion and the UK at 124 million, said the Akamai 2020 State of the Internet / Credential Stuffing in the Media Industry report.

In credential stuffing, attackers "stuff" login fields with illegally obtained credentials. Once a user id and password work to unlock an account, the attacker takes over the account and exploits it for fraud.

"As long as we have usernames and passwords, we're going to have criminals trying to compromise them and exploit valuable information," Akamai security researcher Steve Ragan said in a statement.

"Password sharing and recycling are easily the two largest contributing factors in credential stuffing attacks.

"While educating consumers on good credential hygiene is critical to combating these attacks, it's up to businesses to deploy stronger authentication methods and identify the right mix of technology, policies and expertise that can help protect customers without adversely impacting the user experience," Ragan said.

The US was by far the top source of credential stuffing attacks against media companies with 1.1 billion in 2019, an increase of 162 per cent over 2018.

France and Russia were a distant second and third with 3.9 million and 2.4 million attacks, respectively, said the report which got delayed from April to July due to the Covid-19 pandemic.

The extra time allowed Q1 2020 data to be added to the original report by Cloud security and content delivery network player Akamai.

Most notably, there was a large spike in malicious login attempts against European video service providers and broadcasters during the first quarter of 2020.

One attack in late March, after many isolation protocols had been instituted, directed nearly 350,000,000 attempts against a single service provider over a 24-hour period.

Separately, one broadcaster well known across the region, was hit with a barrage of attacks over the course of the quarter with peaks that ranged in the billions.

Another noteworthy trend during the first quarter was the number of criminals sharing free access to newspaper accounts.

 

  

Top Stories


Leave a Comment

Title: India top target of credential stuffing attacks: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.