A new report from Akamai reveals that the financial services industry has become a prime target for credential stuffing botnets. The report highlights two attacks on financial services sites. One botnet attack caused a major financial company’s login attempts to spike from an average of approximately 50,000 an hour to over 350,000 in one afternoon. The other saw a credit union attacked by three botnets at the same time, the most dangerous not being the biggest, but the one which kept up a sustained lower level attack over a longer period so as not to arouse suspicion.
Ryan Wilk, Vice President at NuData Security:
“Based on what we’ve seen at NuData, 90% of attacks start with some sort of automation, credential stuffing being a prominent one. The software for credential stuffing is now so affordable that this type of attack is becoming accessible for almost anyone. What this means is that adversaries can automatically cycle through username and password pairs against login portals. This technique, known as credential stuffing, is a type of brute force attack whereby large sets of credentials are automatically inserted into login pages until a match with an existing account is found.
Having customers change their passwords is a temporary fix, a band-aid that doesn’t get to the root of the problem. One effective way to stop this type of attack is to implement security solutions that detect this sophisticated automated activity at login and other placements. By using technologies that include behavioural biometrics, automated activity is flagged at login before it can even test any credentials in the company’s environment. At the same time, companies should stay alert for any leaked credentials of their employees or customers along with mentions of the company and brand names across cracking forums to stay on top of this trend.”