Australia is a top credential stuffing target
Australia is the fifth most targeted country in the world with credential stuffing attacks against online video and music streaming services, according to Akamai.
The content delivery network and cloud service provider’s new State of the Internet – Security special report on credential stuffing found that Australia ranked behind only the US, India, Canada and Germany as the fifth top attack destination in 2018.
Credential stuffing attacks involve using automated tools to test large numbers of stolen login details sequentially, based on the assumption that users re-use compromised passwords across multiple services.
Globally, three of the largest credential stuffing attacks against streaming service providers in 2018 — ranging in size from 133 million to 200 million attempts — took place shortly after reported data breaches.
According to Akamai, this suggests that cybercriminals are using credential stuffing techniques to test stolen login credentials before selling them.
The report also notes the existence of easily discoverable online video tutorials that run step by step through the execution of a credential stuffing attack, as well as a thriving marketplace of compromised accounts available for purchase in bulk on the dark web.
Akamai Director of Security Technology and Strategy Patrick Sullivan said the findings demonstrate how important it is that companies take steps to ensure their customers have basic cybersecurity awareness.
“Educating subscribers on the importance of using unique username and password combinations is one of the most effective measures businesses can take to mitigate credential abuse,” he said.
“The good news is that organisations are taking the threat seriously and investigating security defences.”
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
The company has released the Windows 10 Insider Preview Build 19033 in both the fast and slow...
Regulators have taken enforcement action against iiNet, Telstra and Optus for breaching their...
86% of ASX100 companies aren't implementing email security best practices, leaving them...