According to Akamai’s recent report, “2018 State of Internet/Security Credential Stuffing Attacks”, worldwide malicious login attempts are on the rise.
Akamai analyzed attack data from across the company’s global infrastructure and found that 3.2 billion malicious login attempts were made each month between January and April 2018. The company also found that 1.4 million usernames and passwords have been compromised this year alone.
Botnets concurred a monthly average increase of 30% between May and June 2018. During this time period, researchers detected over 8.3 billion malicious login attempts from bots. It’s important to note that not all bots are bad, but credential stuffing botnets are particularly dangerous because they seek to assume someone’s identity, collect information and steal money or goods.
Between November 2017 and June 2018, researchers detected more than 30 billion malicious login attempts.
The financial industry and retail sector are the most targeted simply because they hold the majority of online money. In the report, Akamai shed light on the experiences of two of its customers, one a large financial institution, and the other a smaller credit union. Both firms received large-scale attacks. The larger firm experienced over 350,000 login attempts in just one afternoon, while the smaller firm experienced over 8,000 malicious login attempts per hour.
Large-scale credential stuffing attacks are growing rapidly and cybercriminals are constantly switching up their attack vectors to avoid detection, but this attack could have detrimental consequences to an organization.
Without specific tools in place to defend against these campaigns, organizations can easily miss some of the most dangerous attacks. If organizations want to maintain security and minimize the likelihood of a financial fallout from these cyber-attacks, they need to adopt a preventative approach. NNT Change Tracker Gen7 provides organizations with real-time visibility into what’s going on in your IT environment, allowing your organization to spot unusual changes that could represent dangerous breach activity in real time and take immediate action before any serious damage is done.